CNNVD-202511-361 Information

CNNVD ID

CNNVD-202511-361

Related CVE

CVE-2025-35021

• CNNVD Published: 2025-11-04

Description (Chinese)

Abilis CPX是意大利Abilis公司的一系列、语音和数据网管设备软件平台。 Abilis CPX存在安全漏洞，该漏洞源于SSH身份验证失败三次后可登录受限shell，可能导致连接中继攻击。

Description (English)

Abilis CPX is a software platform for a series of voice and data network devices for Abilis, Italy. Abilis CPX has a security loophole, which stems from the limited access to the shell after three SSH identification failures, which could lead to a connection relay attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Abilis

Published

2025-11-04

Last Modified

2026-02-24

References

https://support.abilis.net/relnotes/cpx2k/R9.0.html#R9.0.7 https://takeonme.org/gcves/GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100 https://www.runzero.com/advisories/abilis-cpx-authentication-bypass-cve-2025-35021/

Patch

https://support.abilis.net/