An attacker with standard / low access rights within the web GUI is able to gain access to the CLI (if it has been previously disabled by the configuration) and escalate his privileges. Depending on the CLI features it is possible to extract the whole configuration and manipulate settings or gain access to debug features of the device, e.g. via "debug", "upgrade", "upload" etc. commands in the CLI. Attackers can gain access to sensitive configuration data such as VoIP credentials or other information and manipulate any settings of the device. Versions affected include ADB P.RG AV4202N, DV2210, VV2220, and VV5522.
90ac2bef39fc223d39c55dd25d8c1c7649eef240a5d176c34c393459939c1b5d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed