Vulnerabilities > Adtran > SDG Smartos > High

DATE CVE VULNERABILITY TITLE RISK
2024-07-24 CVE-2024-31970 Unspecified vulnerability in Adtran SDG Smartos
AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1) have SSH enabled by default, accessible both over the LAN and the Internet.
network
low complexity
adtran
8.8
8.8
2024-07-24 CVE-2024-31977 OS Command Injection vulnerability in Adtran 834-5 Firmware and SDG Smartos
Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility.
network
low complexity
adtran CWE-78
8.8
8.8
2024-07-24 CVE-2024-39345 OS Command Injection vulnerability in Adtran SDG Smartos
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address.
network
low complexity
adtran CWE-78
7.2
7.2