Описание
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:h:cisco:ata-186:*:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05453
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
EPSS
Процентиль: 90%
0.05453
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other