Auerswald

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-40858 1Auerswald 10Commander 6000r Ip Firmware Commander 6000rx Ip FirmwareCommander Basic.2(19") Ip Firmware+7 more Nov 21, 2024 Dec 13, 2021 N/A· v4 4.9 MEDIUM· v3 6.8 MEDIUM· v2 Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring.
CVE-2021-40857 1Auerswald 10Commander 6000r Ip Firmware Commander 6000rx Ip FirmwareCommander Basic.2(19") Ip Firmware+7 more Nov 21, 2024 Dec 13, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring.
CVE-2021-40856 1Auerswald 3Comfortel 1400 Ip Firmware Comfortel 2600 Ip FirmwareComfortel 3600 Ip Firmware Nov 21, 2024 Dec 13, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring.
CVE-2021-40859 1Auerswald 1Compact 5500r Firmware Nov 21, 2024 Dec 7, 2021 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device.
CVE-2018-19978 1Auerswald 1Comfortel 1200 Ip Firmware Nov 21, 2024 May 29, 2019 N/A· v4 8.0 HIGH· v3 7.7 HIGH· v2 A buffer overflow vulnerability in the DHCP and PPPOE configuration interface of the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows a remote attacker (authenticated as simple user in the same network as the device)...Show more A buffer overflow vulnerability in the DHCP and PPPOE configuration interface of the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows a remote attacker (authenticated as simple user in the same network as the device) to trigger remote code execution via a POST request (ManufacturerName parameter) to the web server on the device. The web server is running with root privileges and the injected code will also run with root privileges.Show less
CVE-2018-19977 1Auerswald 1Comfortel 1200 Ip Firmware Nov 21, 2024 May 29, 2019 N/A· v4 8.0 HIGH· v3 7.7 HIGH· v2 A command injection (missing input validation, escaping) in the ftp upgrade configuration interface on the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows an authenticated remote attacker (simple user) -- in the sam...Show more A command injection (missing input validation, escaping) in the ftp upgrade configuration interface on the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows an authenticated remote attacker (simple user) -- in the same network as the device -- to trigger OS commands (like starting telnetd or opening a reverse shell) via a POST request to the web server.Show less
CVE-2003-1457 1Auerswald 1Comsuite Cti Controlcenter Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositron" user account with an easily guessable password, which allows local users or remote attackers to gain access.