cbcvebase.

Slican Cct-1668 vulnerabilities

3 known vulnerabilities affecting slican/cct-1668.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1

Vulnerabilities

Page 1 of 1
CVE-2026-35087P2CRITICALCVSS 9.3fixed in 6.56.04302026-05-27
CVE-2026-35087 [CRITICAL] CWE-288 CVE-2026-35087: Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypa Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version 6.56.0430 - MAC-6400: version 6.56.0430 - CXS-0424: v
nvd
CVE-2026-35090P2CRITICALCVSS 9.3fixed in 6.56.04302026-05-27
CVE-2026-35090 [CRITICAL] CWE-288 CVE-2026-35090: In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticate In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to bypass admin authentication and gain full access to the service protocol and configuration panel. This vulnerability is independent of the telephone e
nvd
CVE-2026-35089P3HIGHCVSS 8.7fixed in 6.56.04302026-05-27
CVE-2026-35089 [HIGH] CWE-1391 CVE-2026-35089: In Slican telephone exchanges secure key is generated in a predictable manner using properties of th In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx series: version 6.61.0040 - CCT-1668: version 6.56.043
nvd
Slican Cct-1668 vulnerabilities | cvebase