Vulnerabilities > CVE-2001-1426 - Unspecified vulnerability in Alcatel Speed Touch Home

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

alcatel

NVD

Published: 2001-04-10

Updated: 2017-07-11

Summary

Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote attackers to change firmware versions or the device's configurations.

Vulnerable Configurations

Part	Description	Count
Hardware	Alcatel Alcatel Speed Touch Home Khdsaa.108 Alcatel Speed Touch Home Khdsaa.132 Alcatel Speed Touch Home Khdsaa.133 Alcatel Speed Touch Home Khdsaa.134	4

References

http://www.cert.org/advisories/CA-2001-08.html
http://www.kb.cert.org/vuls/id/490344
http://www.securityfocus.com/archive/1/175229
http://www.securityfocus.com/bid/2566
https://exchange.xforce.ibmcloud.com/vulnerabilities/6336