Critical

CVE-2002-1629 - Unspecified vulnerability in Multi-Tech Proxyserver

Publication: 2002-12-31
Summary

Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP.

Risk level (CVSS 10)

Critical

10.0

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Multi-tech Proxyserver mtpsr1
  • Multi-tech Proxyserver mtpsr1
  • Multi-tech Proxyserver mtpsr1
  • Multi-tech Proxyserver mtpsr2
  • Multi-tech Proxyserver mtpsr3