Compact 5500r CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-40859	1 Auerswald	2 Compact 5500r, Compact 5500r Firmware	2024-11-21	9.8 Critical
Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device.
CVE-2021-40858	1 Auerswald	20 Commander 6000r Ip, Commander 6000r Ip Firmware, Commander 6000rx Ip and 17 more	2024-11-21	4.9 Medium
Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring.
CVE-2021-40857	1 Auerswald	20 Commander 6000r Ip, Commander 6000r Ip Firmware, Commander 6000rx Ip and 17 more	2024-11-21	8.8 High
Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring.

Page 1 of 1.