Auerswald COMpact 5500R devices prior to 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
auerswald compact_5500r_ip_firmware |
||
auerswald compact_5200r_ip_firmware |
||
auerswald compact_5000r_ip_firmware |
||
auerswald compact_4000_ip_firmware |
||
auerswald commander_6000r_ip_firmware |
||
auerswald commander_6000rx_ip_firmware |
||
auerswald commander_business\\(19\\\"\\)_ip_firmware |
||
auerswald commander_basic.2\\(19\\\"\\)_ip_firmware |
||
auerswald compact_5010_voip_ip_firmware |
||
auerswald compact_5020_voip_ip_firmware |
Vulmon