📦

vpn_router_5000

Vendor: nortel

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 4 Total Indexed

Avg. EPSS 1.29% Exploit Prob.

Latest CVE CVE-2007-2332 Apr 27

Security Vulnerability Index

Page 1 / 1

9.0 CVSS

CVE-2007-2332

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store.

EPSS: 0.59%

Severity: HIGH

Apr 27, 2007

10.0 CVSS

CVE-2007-2333

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network.

EPSS: 2.61%

Severity: HIGH

Apr 27, 2007

7.5 CVSS

CVE-2007-2334

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests.

EPSS: 1.20%

Severity: HIGH

Apr 27, 2007

5.0 CVSS

CVE-2005-1802

Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header.

EPSS: 0.76%

Severity: MEDIUM

May 27, 2005

Displaying 4 of 4 Total Entries

Total 1 Sections