
CVE-2021-40856 Scanner
CVE-2021-40856 scanner - Authentication Bypass vulnerability in Auerswald COMfortel 1400 IP and 2600 IP
Short Info
Level
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 1 month 11 days
Scan only one: Domain, IPv4, Subdomain
Auerswald COMfortel 1400 IP and 2600 IP are VoIP phones designed for business use. They are equipped with a host of features that make them suitable for use in small to medium-sized business environments, such as high-quality audio, flexible configuration options, and a user-friendly interface. These devices are popular among businesses that need to communicate with customers, suppliers, and employees in different locations.
Recently, a vulnerability tracked as CVE-2021-40856 was detected in these devices. It allows attackers to bypass authentication by using the /about/../ substring, so an attacker can gain unauthorized access to the device without a username or password. The vulnerability can also be exploited remotely, making it a serious threat to the security of businesses that rely on these devices.
If this vulnerability is exploited, it can lead to a number of serious consequences. For example, an attacker could use the device to make unauthorized calls, listen in on conversations, or even plant malware on the network. Additionally, an attacker could use the device as a springboard to launch further attacks against other devices on the network.
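For asset owners who want to check their own traffic for the /about/../ pattern described above, the following is an added example, not part of the original page or of any s4e.io tooling. It assumes access logs in Common Log Format from a reverse proxy or network sensor placed in front of the phones; the log lines, client addresses and the "placeholder-page" path are constructed.

```python
import re
from urllib.parse import unquote

# client ... "METHOD target HTTP/x.y" status  (Common Log Format, assumed)
REQUEST_RE = re.compile(r'^(\S+) .*?"([A-Z]+) (\S+) HTTP/[\d.]+" (\d{3})')
MARKER = "/about/../"  # substring named in the CVE-2021-40856 description

def fully_decode(path, max_rounds=3):
    """Percent-decode repeatedly so single- and double-encoded dots are seen."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def is_suspicious(target):
    """True if the path part of a request target contains /about/../."""
    path = target.split("?", 1)[0]             # ignore the query string
    path = fully_decode(path)
    path = re.sub(r"/{2,}", "/", path)         # tolerate doubled slashes
    return MARKER in path

def scan(lines):
    """Return (client, raw_target, status) for every flagged log line."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if m and is_suspicious(m.group(3)):
            hits.append((m.group(1), m.group(3), int(m.group(4))))
    return hits

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Dec/2021:10:00:00 +0000] "GET /about/../placeholder-page HTTP/1.1" 200 512',
    '192.0.2.10 - - [01/Dec/2021:10:00:02 +0000] "GET /about/%2e%2e/placeholder-page HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Dec/2021:10:01:00 +0000] "GET /about/%252e%252e/placeholder-page HTTP/1.1" 302 0',
    '198.51.100.9 - - [01/Dec/2021:10:02:00 +0000] "GET /about/ HTTP/1.1" 200 128',
    '198.51.100.9 - - [01/Dec/2021:10:02:05 +0000] "GET /info?next=/about/../x HTTP/1.1" 200 64',
]

if __name__ == "__main__":
    for client, target, status in scan(SAMPLE_LOG):
        print(f"{client} requested {target} (HTTP {status})")
```

A flagged request that was answered with a success status is the case to investigate first, since it suggests the device served content without a login.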
At s4e.io, our pro features enable you to quickly and easily identify vulnerabilities in your digital assets. Our platform scans your devices and networks for vulnerabilities, and provides you with detailed reports on any issues found. With our platform, you can rest assured that your business is protected against the latest threats, including the CVE-2021-40856 vulnerability detected in the Auerswald COMfortel 1400 IP and 2600 IP devices.
REFERENCES
- http://packetstormsecurity.com/files/165162/Auerswald-COMfortel-1400-2600-3600-IP-2.8F-Authentication-Bypass.html
- https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses
- https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-004/-auerswald-comfortel-1400-2600-3600-ip-authentication-bypass