The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does not implement any lockout or throttling functionality. This situation (together with the weak password policy that forces a 4-digit password) allows remote attackers to easily obtain administrative access via brute-force attacks.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-03-02T00:41:00
Updated: 2021-03-02T00:41:00
Reserved: 2021-01-18T00:00:00
Link: CVE-2021-25309
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-03-02T01:15:12.697
Modified: 2022-04-26T16:00:33.177
Link: CVE-2021-25309
JSON object: View
Redhat Information
No data.