Search

Find a vulnerability

Search criteria

    1 vulnerability found for CPX by Abilis

    GCVE-1337-2025-000000000… (CVE-2025-35021)

    Vulnerability from gna-1337 – Published: 2025-11-04 00:23 – Updated: 2025-11-04 00:23
    VLAI
    Title
    Abilis CPX Fallback Shell Connection Relay
    Summary
    By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker can login to a restricted shell on the fourth attempt, and from there, relay connections.
    CWE
    • CWE-1188 - Insecure Default Initialization of Resource
    Assigner
    Impacted products
    Vendor Product Version
    Abilis CPX Affected: 0 , < 9.0.7 (semver)
    Create a notification for this product.
    Date Public
    2025-11-04 00:06
    Credits
    HD Moore Tod Beardsley AHA!

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CPX",
              "vendor": "Abilis",
              "versions": [
                {
                  "lessThan": "9.0.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "HD Moore"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Tod Beardsley"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "AHA!"
            }
          ],
          "datePublic": "2025-11-04T00:06:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker can login to a restricted shell on the fourth attempt, and from there, relay connections."
                }
              ],
              "value": "By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker can login to a restricted shell on the fourth attempt, and from there, relay connections."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1188",
                  "description": "CWE-1188 Insecure Default Initialization of Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-04T00:23:23.924Z",
            "orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
            "shortName": "AHA"
          },
          "references": [
            {
              "tags": [
                "technical-description"
              ],
              "url": "https://takeonme.org/cves/cve-2025-35021/"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://takeonme.org/gcves/GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://support.abilis.net/relnotes/cpx2k/R9.0.html#R9.0.7"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Abilis CPX Fallback Shell Connection Relay",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
        "assignerShortName": "AHA",
        "cveId": "CVE-2025-35021",
        "datePublished": "2025-11-04T00:23:23.924Z",
        "dateReserved": "2025-04-15T20:40:32.308Z",
        "dateUpdated": "2025-11-04T00:23:23.924Z",
        "serial": 1,
        "state": "PUBLISHED",
        "vulnId": "GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }