CVE-2021-40856
52Vexday Risk Score
Patch now. It exploitation observed by VulnCheck and has a working public exploit.
ssvc Actepss 51%
from disclosure to weapon
Published on NVDDec 13
VulnCheck+1272d
exploitation probability
51%top 1% of all CVEs
observed exploitation
yesVulnCheck
Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring.
Affected products
n/a · n/aReferences
http://packetstormsecurity.com/files/165162/Auerswald-COMfortel-1400-2600-3600-IP-2.8F-Authentication-Bypass.htmlhttps://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyseshttps://www.redteam-pentesting.de/en/advisories/rt-sa-2021-004/-auerswald-comfortel-1400-2600-3600-ip-authentication-bypass