Allied-Telesis Centrecom Ar260S Firmware vulnerabilities
4 known vulnerabilities affecting allied-telesis/centrecom_ar260s_firmware.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3
Vulnerabilities
Page 1 of 1
CVE-2022-38394P2CRITICALCVSS 9.8fixed in 3.3.72022-09-08
CVE-2022-38394 [CRITICAL] CWE-798 CVE-2022-38394: Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior t
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command.
nvd
CVE-2022-38094P2HIGHCVSS 8.8fixed in 3.3.72022-09-08
CVE-2022-38094 [HIGH] CWE-78 CVE-2022-38094: OS command injection vulnerability in the telnet function of CentreCOM AR260S V2 firmware versions p
OS command injection vulnerability in the telnet function of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command.
nvd
CVE-2022-35273P2HIGHCVSS 8.8fixed in 3.3.72022-09-08
CVE-2022-35273 [HIGH] CWE-78 CVE-2022-35273: OS command injection vulnerability in GUI setting page of CentreCOM AR260S V2 firmware versions prio
OS command injection vulnerability in GUI setting page of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command.
nvd
CVE-2022-34869P3HIGHCVSS 8.8fixed in 3.3.72022-09-08
CVE-2022-34869 [HIGH] CVE-2022-34869: Undocumented hidden command that can be executed from the telnet function of CentreCOM AR260S V2 fir
Undocumented hidden command that can be executed from the telnet function of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command.
nvd