Vulnerabilities > Adtran > High

DATE CVE VULNERABILITY TITLE RISK
2024-07-24 CVE-2024-31970 Unspecified vulnerability in Adtran SDG Smartos
AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1) have SSH enabled by default, accessible both over the LAN and the Internet.
network
low complexity
adtran
8.8
2024-07-24 CVE-2024-31977 OS Command Injection vulnerability in Adtran 834-5 Firmware and SDG Smartos
Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility.
network
low complexity
adtran CWE-78
8.8
2024-07-24 CVE-2024-39345 OS Command Injection vulnerability in Adtran SDG Smartos
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address.
network
low complexity
adtran CWE-78
7.2
2021-04-20 CVE-2021-25681 Unspecified vulnerability in Adtran Personal Phone Manager 10.8.1
AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS.
network
low complexity
adtran
7.5
2019-03-27 CVE-2018-19648 Improper Privilege Management vulnerability in Adtran Pmaa 1.6.2/1.6.3
An issue was discovered in ADTRAN PMAA 1.6.2-1, 1.6.3, and 1.6.4.
network
low complexity
adtran CWE-269
8.8