CVE-2021-35336
published 2021-07-01CVE-2021-35336: Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control. A vulnerability in the Tieline Web Administrative Interface could allow an…
PriorityP275critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
11.59%
95.5th percentile
Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control. A vulnerability in the Tieline Web Administrative Interface could allow an unauthenticated user to access a sensitive part of the system with a high privileged account.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tieline | ip_audtio_gateway_firmware | <= 2.6.4.8 | — |
Detection & IOCsextracted from sources · hover to see the quote
otheradmin:password
sigma
type: word part: header words: - "text/xml" - type: status status: - 200
- →Probe for unauthenticated access to sensitive administrative endpoints on Tieline IP Audio Gateway by checking for HTTP 200 responses with Content-Type: text/xml, which may indicate successful unauthorized access to a privileged interface.
- →The vulnerability targets the Tieline Web Administrative Interface; monitor for unauthenticated requests reaching high-privilege administrative paths on devices running firmware version 2.6.4.8 and below. ↗
- ·Default credentials (admin:password) are referenced in the exploit template, suggesting the device may ship with or revert to weak default credentials that enable or compound this access control bypass.
- ·The exploit template uses a nuclei-style condition requiring BOTH a text/xml Content-Type header AND an HTTP 200 status code to confirm successful exploitation; both conditions must be met for a positive match.
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access
nuclei·CVSS 9.8
CVE-2021-35336 [CRITICAL] Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access
Tieline IP Audio Gateway "
- ""
condition: and
- type: word
part: header
words:
- "text/xml"
- type: status
status:
- 200
# admin:password
# digest: 490a004630440220116f879780aae5f4129ff829eaee568910220b0515458d60d6a83c04279c86cc0220047e90766413138c0869c13ea4b1a3ff6684cf6b769b38133e04628123fe2596:922c64590222798bb761d5b6d8e72950
No writeups or analysis indexed.
2021-07-01
Published