PT-2005-3336 · Dynalink+2 · Dynalink Rta300W+2

Luca Carettoni

Published

2005-08-03

Updated

2017-07-11

CVE-2005-2424

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Siemens SANTIS 50 version 4.2.8.0

Description The issue allows remote attackers to access the Telnet port without authentication by sending certain packets to the web interface, causing it to freeze. This could potentially affect other products, including Ericsson HN294dp and Dynalink RTA300W.

Recommendations For Siemens SANTIS 50 version 4.2.8.0, consider restricting access to the Telnet port and the web interface until a fix is available. As a temporary workaround, avoid using the web interface to prevent it from freezing and potentially allowing unauthorized access.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2424

Affected Products

Dynalink Rta300W

Ericsson Hn294Dp

Siemens Santis 50

PT-2005-3336 · Dynalink+2 · Dynalink Rta300W+2

CVE-2005-2424

Related Identifiers

Affected Products

References · 7