Vulnerabilities > Alliedtelesyn > AT 9000 24 Ethernetswitch
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-23 | CVE-2006-6718 | Cross-Site Request Forgery vulnerability in AT-9000/24 The Allied Telesis AT-9000/24 Ethernet switch has a default password for its admin account, "manager," which allows remote attackers to perform unauthorized actions. | 7.5 |
2006-12-23 | CVE-2006-6717 | Unspecified vulnerability in Alliedtelesyn At-9000 24 Ethernetswitch The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations. | 7.5 |