CVE-2021-40112

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) (affected versions not specified)

Description The issue is related to multiple vulnerabilities in the web-based management interface of the Cisco Catalyst PON Series Switches ONT. These vulnerabilities could allow an unauthenticated, remote attacker to log in with a default credential if the Telnet protocol is enabled, perform command injection, and modify the configuration. The vulnerability is also associated with insufficient input validation, which may allow a remote attacker to execute arbitrary code using a specially crafted HTTPS request.

Recommendations For the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT), consider disabling the Telnet protocol to prevent login with default credentials. As a temporary workaround, restrict access to the web-based management interface to minimize the risk of exploitation. Avoid using the web-based management interface until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.