Aggregates CVE and security vulnerability intelligence across all allied-telesis-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk command injection and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-38394 | Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command. | [email protected] | 9.8 | 1.75% | 2022-09-08 | 2024-11-21 |
| CVE-2022-38094 | OS command injection vulnerability in the telnet function of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command. | [email protected] | 8.8 | 3.45% | 2022-09-08 | 2024-11-21 |
| CVE-2022-35273 | OS command injection vulnerability in GUI setting page of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command. | [email protected] | 8.8 | 3.45% | 2022-09-08 | 2024-11-21 |
| CVE-2022-34869 | Undocumented hidden command that can be executed from the telnet function of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command. | [email protected] | 8.8 | 0.83% | 2022-09-08 | 2024-11-21 |