PT-2025-13777 · Adtran · Adtran 411 Ont

Lanrat

Published

2025-03-31

Updated

2025-03-31

CVE-2025-22939

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Adtran 411 ONT version L80.00.0011.M2

Description A command injection vulnerability in the telnet service allows attackers to escalate privileges to root and execute arbitrary commands.

Recommendations For version L80.00.0011.M2, consider disabling the telnet service until a patch is available to prevent exploitation. Restrict access to the telnet service to minimize the risk of privilege escalation. Avoid using the telnet service for remote access until the issue is resolved.

Exploit

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2025-22939

Affected Products

Adtran 411 Ont

PT-2025-13777 · Adtran · Adtran 411 Ont

CVE-2025-22939

Weakness Enumeration

Related Identifiers

Affected Products

References · 7