Alliedtelesyn: Security Vulnerabilities
The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations.
CVSS Score
7.5
EPSS Score
0.009
Published
2006-12-23
The Allied Telesis AT-9000/24 Ethernet switch has a default password for its admin account, "manager," which allows remote attackers to perform unauthorized actions.
CVSS Score
7.5
EPSS Score
0.006
Published
2006-12-23
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
CVSS Score
10.0
EPSS Score
0.79
Published
2006-12-01
The Allied Telesyn AT-9724TS switch allows remote attackers to cause a denial of service via a large amount of UDP data to the switch, which leads to unstable operation and possibly failure of the management interface or routing.
CVSS Score
5.0
EPSS Score
0.007
Published
2006-04-26
Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service.
CVSS Score
6.8
EPSS Score
0.009
Published
2002-12-31
Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the portmapper and the 'Virtual Server' enabled can allow a remote attacker to gain access to mapped services even though the single portmappings may be disabled.
CVSS Score
7.5
EPSS Score
0.006
Published
2001-08-22