Vulnerabilities > Alliedtelesyn
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-23 | CVE-2006-6718 | Cross-Site Request Forgery vulnerability in AT-9000/24 The Allied Telesis AT-9000/24 Ethernet switch has a default password for its admin account, "manager," which allows remote attackers to perform unauthorized actions. | 7.5 |
| 2006-12-23 | CVE-2006-6717 | Unspecified vulnerability in Alliedtelesyn At-9000 24 Ethernetswitch The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations. | 7.5 |
| 2006-12-01 | CVE-2006-6184 | Remote Buffer Overflow vulnerability in Alliedtelesyn At-Tftp 1.9 Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command. | 10.0 |
| 2006-04-26 | CVE-2006-2030 | Denial-Of-Service vulnerability in At-9724Ts The Allied Telesyn AT-9724TS switch allows remote attackers to cause a denial of service via a large amount of UDP data to the switch, which leads to unstable operation and possibly failure of the management interface or routing. | 5.0 |
| 2002-12-31 | CVE-2002-2415 | Improper Input Validation vulnerability in Alliedtelesyn At-8024 and Rapier 24 Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service. | 6.8 |
| 2001-08-22 | CVE-2001-0617 | Remote Security vulnerability in Alliedtelesyn At-Ar220E 1.08A Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the portmapper and the 'Virtual Server' enabled can allow a remote attacker to gain access to mapped services even though the single portmappings may be disabled. | 7.5 |