How severe is CVE-2019-9229?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2019-9229?

This is classified as CWE-798, which is a common weakness in software security.

CVE-2019-9229 - HIGH Severity | CVSS 8.8

Vulnerability Description

An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.251. An internal interface exposed to the link-local address 169.254.254.253 allows attackers in the local network to access multiple quagga VTYs. Attackers can authenticate with the default 1234 password that cannot be changed, and can execute malicious and unauthorized actions.

Related Vulnerabilities

CVE-2016-9495

HIGH

CVSS:8.8(High)

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of ...

CWE-7982016

CVE-2017-18373

HIGH

CVSS:8.8(High)

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username tru...

CWE-7982017

CVE-2017-18374

HIGH

CVSS:8.8(High)

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has two user accounts with default passwords, including a hardcoded service account with the usernam...

CWE-7982017

CVE-2017-2280

HIGH

CVSS:8.8(High)

WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.

CWE-7982017

CVE-2017-9488

HIGH

CVSS:8.8(High)

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2.5s3_PROD_sey) devices allows remote attackers to access the...

CWE-7982017

CVE-2018-0663

HIGH

CVSS:8.8(High)

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials whi...

CWE-7982018