CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-34795

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1150%
EPSS Percentile1.56th
Published2021年11月4日
Last Modified2024年11月21日

Vulnerability Description

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory.

Affected Platforms (CPE)

💻
Cisco

Catalyst Pon Switch Cgp Ont 1p Firmware

< 1.1.1.14
💻
Cisco

Catalyst Pon Switch Cgp Ont 4p Firmware

< 1.1.3.17
💻
Cisco

Catalyst Pon Switch Cgp Ont 4pvc Firmware

< 1.1.3.17
💻
Cisco

Catalyst Pon Switch Cgp Ont 4tvcw Firmware

< 1.1.3.17
💻
Cisco

Catalyst Pon Switch Cgp Ont 4pv Firmware

< 1.1.3.17

References & Advisories

🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catpon-multivulns-CE3DSYGr
🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catpon-multivulns-CE3DSYGr

関連する脆弱性情報

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...