MidnightBSD

Advisories for auerswald

CVE-2003-1457 MEDIUM

Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositron" user account with an easily guessable password, which allows local users or remote attackers to gain access.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-16,

Products Affected

Vendor Product Version
auerswald comsuite_cti_controlcenter 3.1
CVE-2018-19977 HIGH

A command injection (missing input validation, escaping) in the ftp upgrade configuration interface on the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows an authenticated remote attacker (simple user) -- in the same network as the device -- to trigger OS commands (like starting telnetd or opening a reverse shell) via a POST request to the web server.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
auerswald comfortel_1200_ip_firmware 3.4.4.1-10589
CVE-2018-19978 HIGH

A buffer overflow vulnerability in the DHCP and PPPOE configuration interface of the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows a remote attacker (authenticated as simple user in the same network as the device) to trigger remote code execution via a POST request (ManufacturerName parameter) to the web server on the device. The web server is running with root privileges and the injected code will also run with root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
auerswald comfortel_1200_ip_firmware 3.4.4.1-10589
CVE-2021-40856 MEDIUM

Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-706,

Products Affected

Vendor Product Version
auerswald comfortel_3600_ip_firmware *
auerswald comfortel_1400_ip_firmware *
auerswald comfortel_2600_ip_firmware *
CVE-2021-40857 MEDIUM

Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-522,

Products Affected

Vendor Product Version
auerswald compact_5000r_ip_firmware *
auerswald commander_6000rx_ip_firmware *
auerswald compact_5500r_ip_firmware *
auerswald compact_5200r_ip_firmware *
auerswald compact_5020_voip_ip_firmware *
auerswald compact_4000_ip_firmware *
auerswald commander_business(19")_ip_firmware *
auerswald commander_basic.2(19")_ip_firmware *
auerswald compact_5010_voip_ip_firmware *
auerswald commander_6000r_ip_firmware *
CVE-2021-40858 MEDIUM

Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
auerswald compact_5000r_ip_firmware *
auerswald commander_6000rx_ip_firmware *
auerswald compact_5500r_ip_firmware *
auerswald compact_5200r_ip_firmware *
auerswald compact_5020_voip_ip_firmware *
auerswald compact_4000_ip_firmware *
auerswald commander_business(19")_ip_firmware *
auerswald commander_basic.2(19")_ip_firmware *
auerswald compact_5010_voip_ip_firmware *
auerswald commander_6000r_ip_firmware *
CVE-2021-40859 HIGH

Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
auerswald compact_5500r_firmware 8.0b
auerswald compact_5500r_firmware 7.8a