Vulnerability Description
Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Auerswald | Compact 5500R Firmware | 7.8a |
| Auerswald | Compact 5500R | - |
References
- https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerabiThird Party Advisory
- https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-007/-auerswald-compacExploitThird Party Advisory
- https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerabiThird Party Advisory
- https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-007/-auerswald-compacExploitThird Party Advisory
FAQ
What is CVE-2021-40859?
CVE-2021-40859 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device.
How severe is CVE-2021-40859?
CVE-2021-40859 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-40859?
Check the references section above for vendor advisories and patch information. Affected products include: Auerswald Compact 5500R Firmware, Auerswald Compact 5500R.