The administrative interface in Allied Telesis AT-RG634A ADSL Broadband router 3.3+, iMG624A firmware 3.5, iMG616LH firmware 2.4, and iMG646BD firmware 3.5 allows remote attackers to gain privileges and execute arbitrary commands via a direct request to cli.html.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| alliedtelesis | at-rg634a | - |
| alliedtelesis | img616lh | - |
| alliedtelesis | img646bd_firmware | 3.5 |
| alliedtelesis | at-rg634a_firmware | 3.3+ |
| alliedtelesis | img616lh_firmware | +2.4 |
| alliedtelesis | img624a_firmware | 3.5 |
| alliedtelesis | img624a | - |
| alliedtelesis | img646bd | - |
Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 9924SP, CentreCOM 9924T/4SP, Rapier 48i, and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| alliedtelesis | centrecom_ar450s_firmware | * |
| alliedtelesis | ar750s-dp_firmware | * |
| alliedtelesis | ar441s_firmware | * |
| alliedtelesis | at-9924t_firmware | * |
| alliedtelesis | ar442s_firmware | * |
| alliedtelesis | at-9816gb_firmware | * |
| alliedtelesis | at-8848_firmware | * |
| alliedtelesis | at-9924ts_firmware | * |
| alliedtelesis | centrecom_ar550s | * |
| alliedtelesis | at-8624poe_firmware | * |
| alliedtelesis | centrecom_9924t/4sp | * |
| alliedtelesis | ar745_firmware | * |
| alliedtelesis | at-8748xl_firmware | * |
| alliedtelesis | ar440s_firmware | * |
| alliedtelesis | centrecom_9924sp_firmware | * |
| alliedtelesis | centrecom_8700sl_firmware | * |
| alliedtelesis | ar750s | - |
| alliedtelesis | ar441s | - |
| alliedtelesis | at-9816gb | * |
| alliedtelesis | ar745 | - |
| alliedtelesis | ar440s | - |
| alliedtelesis | centrecom_ar570s | * |
| alliedtelesis | rapier_48i_firmware | * |
| alliedtelesis | centrecom_ar415s | * |
| alliedtelesis | at-8624t/2m_firmware | * |
| alliedtelesis | at-9924t | * |
| alliedtelesis | at-9924ts | * |
| alliedtelesis | centrecom_ar415s_firmware | * |
| alliedtelesis | centrecom_9924t/4sp_firmware | * |
| alliedtelesis | ar750s_firmware | * |
| alliedtelesis | rapier_48i | * |
| alliedtelesis | switchblade4000 | * |
| alliedtelesis | at-8848 | * |
| alliedtelesis | centrecom_ar450s | * |
| alliedtelesis | centrecom_9924sp | * |
| alliedtelesis | at-8624t/2m | * |
| alliedtelesis | centrecom_8948xl_firmware | * |
| alliedtelesis | centrecom_ar570s_firmware | * |
| alliedtelesis | centrecom_8948xl | * |
| alliedtelesis | ar750s-dp | - |
| alliedtelesis | centrecom_ar550s_firmware | * |
| alliedtelesis | at-8748xl | * |
| alliedtelesis | at-8624poe | * |
| alliedtelesis | at-8648t/2sp | * |
| alliedtelesis | switchblade4000_firmware | * |
| alliedtelesis | centrecom_ar8700sl | * |
| alliedtelesis | at-8648t/2sp_firmware | * |
| alliedtelesis | ar442s | - |
Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4_interface.php vlanid or subnet_mask parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| alliedtelesis | 8100l/8_firmware | - |
A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request. NOTE: This is an End-of-Life product.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| alliedtelesis | at-gs950/8_firmware | * |