Adtran 411 ONT Incorrect Access Control Vulnerability Allowing Unauthorized Password Changes

Vulnerability

A vulnerability has been identified in the Adtran 411 ONT, specifically in firmware version L80.00.0011.M2, that allows unauthorized attackers to arbitrarily change the admin password. The issue arises from incorrect access control, which lets unprivileged users modify admin account credentials. Additionally, the vulnerability allows any user account to access and dump a configuration file containing the admin password.

Impact

Exploitation of this vulnerability could lead to unauthorized users gaining administrative access by changing the admin password, potentially allowing further exploitation of the device or network.

Remediation

Users are advised to update to version 24.3, where this vulnerability has been addressed.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 4.6
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.