CVE-2002-0540
Nortel CVX 1800 Multi-Service Access Switch - Unauthenticated SNMP Community String Exposure
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-0540. PoCs published by Michael Rawls.
AI-analyzed exploit summary This exploit leverages the default SNMP community string 'public' in Nortel CVX 1800 to retrieve sensitive information via snmpwalk. It demonstrates an information leakage vulnerability due to weak default credentials.
Description
Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Michael Rawls · textremotehardware
https://www.exploit-db.com/exploits/21378
This exploit leverages the default SNMP community string 'public' in Nortel CVX 1800 to retrieve sensitive information via snmpwalk. It demonstrates an information leakage vulnerability due to weak default credentials.
Classification
Working Poc 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Nortel CVX 1800 Multi-Service Access Switch
No auth needed
Prerequisites:
network access to the target device · SNMP service enabled on the target
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-04/0272.html
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/403315
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/267627
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4507
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8848.php
Scores
EPSS
0.1990
EPSS Percentile
97.1%
Details
Status
published
Products (1)
nortel/cvx_1800_multi-service_access_switch
3.6.3 patch24 (3 CPE variants)
Published
Jul 03, 2002
Tracked Since
Feb 18, 2026