Vulnerabilities > 3Com > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-12 | CVE-2007-5419 | Configuration vulnerability in 3Com 3Crwe554G72T 3Crwer10075 The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an optional virtual server, configures this server to accept all source IP addresses on the external (Internet) interface unless the user selects other options, which might expose the router to unintended incoming traffic from remote attackers, as demonstrated by setting up a virtual server on port 80, which allows remote attackers to access the web management interface. | 10.0 |
| 2006-12-01 | CVE-2006-6183 | Buffer Errors vulnerability in 3Com 3Ctftpsvc 2.0.1 Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command. | 10.0 |
| 2004-12-06 | CVE-2004-0477 | Remote 812 ADSL Router Web Interface Authentication Bypass vulnerability in 3Com 3Cp4144 1.1.9.4 Unknown vulnerability in 3Com OfficeConnect Remote 812 ADSL Router allows remote attackers to bypass authentication via repeated attempts using any username and password. | 10.0 |
| 2001-07-12 | CVE-2001-1291 | Improper Restriction of Excessive Authentication Attempts vulnerability in 3Com Superstack II PS HUB 40 Firmware The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers who provide an incorrect username or password, which makes it easier to break into the server via brute force password guessing. | 9.8 |