Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/165166/Auerswald-COMpact-8.0B-Arbitrary-File-Disclosure.html | Exploit Third Party Advisory VDB Entry |
https://www.redteam-pentesting.de/advisories/rt-sa-2021-006 | Exploit Third Party Advisory |
https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-13T03:27:51
Updated: 2021-12-22T13:57:43
Reserved: 2021-09-10T00:00:00
Link: CVE-2021-40858
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-13T04:15:07.087
Modified: 2022-01-04T16:08:27.000
Link: CVE-2021-40858
JSON object: View
Redhat Information
No data.
CWE