PT-2021-20891 · Tieline · Tieline Ip Audio Gateway

Published

2021-07-01

Updated

2022-07-12

CVE-2021-35336

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Tieline IP Audio Gateway versions 2.6.4.8 and below

Description: The issue concerns Incorrect Access Control in the Tieline Web Administrative Interface, allowing an unauthenticated user to access sensitive parts of the system with a high-privileged account.

Recommendations: For versions 2.6.4.8 and below, update to a version above 2.6.4.8 to resolve the issue. As a temporary workaround, consider restricting access to the Tieline Web Administrative Interface to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1188

Related Identifiers

CVE-2021-35336

Affected Products

Tieline Ip Audio Gateway

PT-2021-20891 · Tieline · Tieline Ip Audio Gateway

CVE-2021-35336

Weakness Enumeration

Related Identifiers

Affected Products

References · 3