Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2019-9229 |
CWE-ID | CWE-798 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software |
AudioCodes Mediant 800C-MSBR (Hardware solutions / Routers & switches, VoIP, GSM, etc)
AudioCodes Mediant M800B-MSBR (Hardware solutions / Routers & switches, VoIP, GSM, etc)
AudioCodes Mediant 500-MBSR (Hardware solutions / Routers & switches, VoIP, GSM, etc)
AudioCodes Mediant 500L-MSBR (Hardware solutions / Routers & switches, VoIP, GSM, etc) |
Vendor | AudioCodes |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU19307
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-9229
CWE-ID: CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
Description
The vulnerability allows a local attacker to gain full access to the vulnerable system.
The vulnerability exists due to the presence of hard-coded credentials in an internal interface, which is exposed to the link-local address 169.254.254.253. A local unauthenticated attacker can access multiple Quagga VTYs with the default password "1234", which cannot be changed, and execute malicious and unauthorized actions.
Install updates from the vendor's website.
Vulnerable software versions
AudioCodes Mediant 800C-MSBR: F7.20A - F7.20A.251
AudioCodes Mediant M800B-MSBR: F7.20A - F7.20A.251
AudioCodes Mediant 500-MBSR: F7.20A - F7.20A.251
AudioCodes Mediant 500L-MSBR: F7.20A - F7.20A.251
AudioCodes Mediant 500L-MSBR: before
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.