CVE-2011-0354

Cisco Tandberg C Series & E/EX Units < TC4.0.0 - Unauthenticated Root Access

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-0354. PoCs published by Cisco Security.

AI-analyzed exploit summary This is a Cisco Security Advisory detailing a vulnerability in Tandberg C Series Endpoints and E/EX Personal Video units where a root account is enabled by default with no password. The advisory provides affected versions, workarounds, and mitigation steps.

Description

The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Cisco Security · textremotehardware

https://www.exploit-db.com/exploits/16100

View Code ZIP pw:eip

This is a Cisco Security Advisory detailing a vulnerability in Tandberg C Series Endpoints and E/EX Personal Video units where a root account is enabled by default with no password. The advisory provides affected versions, workarounds, and mitigation steps.

Classification

Writeup 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Tandberg C Series Endpoints and E/EX Personal Video units (software versions prior to TC4.0.0)

No auth needed

Prerequisites: Network access to the affected device

MITRE ATT&CK

T1078 - Valid Accounts

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1025017

Various Sources x_refsource_confirm

http://tools.cisco.com/security/center/viewAlert.x?alertId=22314

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/8060

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/46107

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/436854

Vendor Advisory vendor-advisory x_refsource_cisco

http://www.cisco.com/en/US/products/ps11422/products_security_advisory09186a0080b69541.shtml

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/16100

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/43158

Scores

EPSS 0.1399

EPSS Percentile 96.1%

Details

CWE

CWE-255

Status published

Products (19)

cisco/tandberg_endpoint tc2.1.2

cisco/tandberg_endpoint tc3.0.0

cisco/tandberg_endpoint tc3.1.0

cisco/tandberg_endpoint tc3.1.1

cisco/tandberg_endpoint tc3.1.2

cisco/tandberg_endpoint c20

cisco/tandberg_endpoint c40

cisco/tandberg_endpoint c60

cisco/tandberg_endpoint c90

cisco/tandberg_endpoint < tc3.1.3

... and 9 more

Published Feb 03, 2011

Tracked Since Feb 18, 2026