CVE-2021-25680

Name of the Vulnerable Software and Affected Versions AdTran Personal Phone Manager versions 10.8.1 and earlier

Description The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact versions 10.8.1 and below, and potentially later versions as well, since they have not previously been disclosed. The affected appliances, NetVanta 7060 and NetVanta 7100, are considered End of Life and will not be patched.

Recommendations For versions 10.8.1 and earlier, consider disabling any features that may be susceptible to cross-site scripting attacks until a patch is available, however, since the affected appliances are End of Life, a patch will not be provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.