CVE-2011-3997

Opengear console server <2.2.1 - Auth Bypass

Title source: llm

Description

Opengear console servers with firmware before 2.2.1 allow remote attackers to bypass authentication, and modify settings or access connected equipment, via unspecified vectors.

References (2)

[Third Party Advisory] http://jvn.jp/en/jp/JVN71349007/index.html

[Third Party Advisory] http://jvndb.jvn.jp/jvndb/JVNDB-2011-000096

Scores

EPSS 0.0031

EPSS Percentile 54.0%

Classification

CWE

CWE-287

Status draft

Affected Products (14)

opengear/opengear_console_server_firmware < 2.1.0u7

opengear/opengear_console_server_firmware

opengear/acm5000_console_server

opengear/cm4000_console_server

opengear/im4004-5_console_server

opengear/im4200_console_server

opengear/img4000_console_server

opengear/kcs6000_rackside_console_server

Timeline

Published Nov 09, 2011

Tracked Since Feb 18, 2026