CVE-2021-40858

Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:auerswald:compact_5500r_ip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:auerswald:compact_5500r_ip:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:auerswald:compact_5200r_ip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:auerswald:compact_5200r_ip:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:auerswald:compact_5000r_ip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:auerswald:compact_5000r_ip:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:auerswald:compact_4000_ip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:auerswald:compact_4000r_ip:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:auerswald:commander_6000r_ip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:auerswald:commander_6000r_ip:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:auerswald:commander_6000rx_ip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:auerswald:commander_6000rx_ip:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:auerswald:commander_business\(19\"\)_ip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:auerswald:commander_business\(19\"\)_ip:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:auerswald:commander_basic.2\(19\"\)_ip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:auerswald:commander_basic.2\(19\"\)_ip:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:auerswald:compact_5010_voip_ip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:auerswald:compact_5010_voip_ip:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:auerswald:compact_5020_voip_ip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:auerswald:compact_5020_voip_ip:-:*:*:*:*:*:*:*

Information

Published : 2021-12-12 20:15

Updated : 2022-01-04 08:08


NVD link : CVE-2021-40858

Mitre link : CVE-2021-40858


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

auerswald

  • compact_5500r_ip_firmware
  • commander_basic.2\(19\"\)_ip
  • commander_6000r_ip
  • compact_5500r_ip
  • commander_6000r_ip_firmware
  • compact_4000r_ip
  • commander_6000rx_ip
  • compact_5020_voip_ip
  • compact_5200r_ip_firmware
  • compact_5000r_ip
  • commander_business\(19\"\)_ip
  • compact_5010_voip_ip
  • compact_5200r_ip
  • compact_5000r_ip_firmware
  • commander_6000rx_ip_firmware
  • compact_4000_ip_firmware
  • commander_business\(19\"\)_ip_firmware
  • compact_5010_voip_ip_firmware
  • compact_5020_voip_ip_firmware
  • commander_basic.2\(19\"\)_ip_firmware