PT-2021-19483 · Akuvox · Akuvox C315

Published: 2021-04-25 · Updated: 2021-05-06 · CVE-2021-31726

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Akuvox C315 version 115.116.2613

Description

The issue allows remote command injection via the cfgd server service. The attack vector involves sending a payload to port 189, which is configured to listen on all IP addresses by default (0.0.0.0).

Recommendations

For Akuvox C315 version 115.116.2613, consider restricting access to the cfgd server service on port 189 to minimize the risk of exploitation. As a temporary workaround, restrict the service to only listen on specific IP addresses instead of all IP addresses (0.0.0.0) until a patch is available.

Fix

Command Injection

Weakness Enumeration

Related Identifiers

CVE-2021-31726

Affected Products

Akuvox C315