CVE-2021-25309

The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does not implement any lockout or throttling functionality. This situation (together with the weak password policy that forces a 4-digit password) allows remote attackers to easily obtain administrative access via brute-force attacks.
Configurations

Configuration 1


Information

Published : 2021-03-02 01:15

Updated : 2022-04-26 04:00


NVD link : CVE-2021-25309

Mitre link : CVE-2021-25309

Products Affected
No products.
CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts

CWE-521