Adtran 411 ONT Telnet Command Injection Vulnerability Allowing Privilege Escalation to Root
Vulnerability
A command injection vulnerability has been identified in the telnet service of the Adtran 411 ONT, specifically in firmware version L80.00.0011.M2. This vulnerability allows attackers to escalate privileges to root and execute arbitrary commands. The issue was discovered during a security audit, which also noted weak user passwords and additional command injection vulnerabilities in the web interface.
Impact
Exploitation of this vulnerability allows for unauthorized command execution with root privileges, potentially leading to full control over the affected device.
Remediation
Users are advised to update to version 24.3, where this vulnerability has been addressed.
