Vulnerabilities > Adtran > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-24 CVE-2024-31971 Cross-site Scripting vulnerability in Adtran Netvanta 3120 Firmware 18.01.01.00.E
Multiple stored cross-site scripting (XSS) vulnerabilities on AdTran NetVanta 3120 18.01.01.00.E devices allow remote attackers to inject arbitrary JavaScript, as demonstrated by /mainPassword.html, /processIdentity.html, /public.html, /dhcp.html, /private.html, /hostname.html, /connectivity.html, /NetworkMonitor.html, /trafficMonitoringConfig.html, and /wizardMain.html.
network
low complexity
adtran CWE-79
4.8
2021-04-20 CVE-2021-25680 Cross-site Scripting vulnerability in Adtran Personal Phone Manager 10.8.1
The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues.
network
low complexity
adtran CWE-79
6.1
2021-04-20 CVE-2021-25679 Cross-site Scripting vulnerability in Adtran Personal Phone Manager 10.8.1
The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues.
network
low complexity
adtran CWE-79
5.4
2013-12-30 CVE-2013-5210 Cross-Site Scripting vulnerability in Adtran Aos, Netvanta 7060 and Netvanta 7100
Cross-site scripting (XSS) vulnerability in the GUI login page in ADTRAN AOS before R10.8.1 on the NetVanta 7100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
adtran CWE-79
4.3
2005-12-29 CVE-2005-4564 Multiple Unspecified vulnerability in ADTRAN NetVanta Products IKE Traffic
The Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to cause a denial of service via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
network
low complexity
adtran
5.0