CVE-2002-0769
Cisco ATA 186 - Unauthenticated Authentication Bypass via HTTP POST Request
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-0769. PoCs published by Patrick Michael Kane.
AI-analyzed exploit summary This exploit leverages a vulnerability in the Cisco ATA-186 device where an HTTP request with a single character discloses sensitive configuration information, including administrative credentials. The provided curl command demonstrates the exploit by sending a minimal payload to the '/dev' endpoint.
Description
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
Exploits (1)
This exploit leverages a vulnerability in the Cisco ATA-186 device where an HTTP request with a single character discloses sensitive configuration information, including administrative credentials. The provided curl command demonstrates the exploit by sending a minimal payload to the '/dev' endpoint.