CyberSec.Space Logo
Back to CVE Browser

CVE-2021-40113

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1980%
EPSS Percentile41.28th
PublishedNov 4, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory.

Affected Platforms (CPE)

πŸ’»
Cisco

Catalyst Pon Switch Cgp Ont 1p Firmware

< 1.1.1.14
πŸ’»
Cisco

Catalyst Pon Switch Cgp Ont 4p Firmware

< 1.1.3.17
πŸ’»
Cisco

Catalyst Pon Switch Cgp Ont 4pvc Firmware

< 1.1.3.17
πŸ’»
Cisco

Catalyst Pon Switch Cgp Ont 4tvcw Firmware

< 1.1.3.17
πŸ’»
Cisco

Catalyst Pon Switch Cgp Ont 4pv Firmware

< 1.1.3.17

References & Advisories

πŸ”— https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catpon-multivulns-CE3DSYGr
πŸ”— https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catpon-multivulns-CE3DSYGr

Related Vulnerabilities

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...