The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
Max CVSS
6.4
EPSS Score
0.36%
Published
2002-08-12
Updated
2008-09-05
1 vulnerabilities found