Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adtran vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-5210
Cross-site scripting (XSS) vulnerability in the GUI login page in ADTRAN AOS before R10.8.1 on the NetVanta 7100 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Adtran Aos
Adtran Netvanta 7100 -
Adtran Netvanta 7060 -
9
CVSSv2
CVE-2018-19648
An issue exists in ADTRAN PMAA 1.6.2-1, 1.6.3, and 1.6.4. NETCONF Access Management (NACM) allows unprivileged users to create privileged users and execute arbitrary commands via the use of the diagnostic-profile over RESTCONF.
Adtran Pmaa 1.6.2
Adtran Pmaa 1.6.3
NA
CVE-2022-37661
SmartRG SR506n 2.5.15 and SR510n 2.6.13 routers are vulnerable to Remote Code Execution (RCE) via the ping host feature.
Adtran Sr510n Firmware 2.6.13
Adtran Sr506n Firmware 2.5.15
1 EDB exploit
3.5
CVSSv2
CVE-2021-25679
The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only versio...
Adtran Personal Phone Manager
1 Github repository
4.3
CVSSv2
CVE-2021-25680
The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only version 10....
Adtran Personal Phone Manager
1 Github repository
5
CVSSv2
CVE-2000-0292
The Adtran MX2800 M13 Multiplexer allows remote malicious users to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash.
Adtran Mx2800 M13
5
CVSSv2
CVE-2021-25681
AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The affected applia...
Adtran Personal Phone Manager 10.8.1
1 Github repository
NA
CVE-2023-38120
Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existi...
1 Github repository
5
CVSSv2
CVE-2005-4564
The Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta prior to 10.03.03.E might allow remote malicious users to cause a denial of service via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
Adtran Netvanta 3xxx
Adtran Netvanta 4xxx
Adtran Netvanta 5xxx
10
CVSSv2
CVE-2005-4565
Format string vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta prior to 10.03.03.E might allow remote malicious users to have an unknown impact via format string specifiers in crafted IKE packets, as demonstrated by the PROTOS ISAKMP ...
Adtran Netvanta 3xxx
Adtran Netvanta 4xxx
Adtran Netvanta 5xxx
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »