CVE-2001-1426 | Vulnerability Database | Aqua Security

Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote attackers to change firmware versions or the devices configurations.

Affected Software

Name	Vendor	Start Version	End Version
Speed_touch_home	Alcatel	khdsaa.108 (including)	khdsaa.108 (including)
Speed_touch_home	Alcatel	khdsaa.132 (including)	khdsaa.132 (including)
Speed_touch_home	Alcatel	khdsaa.133 (including)	khdsaa.133 (including)
Speed_touch_home	Alcatel	khdsaa.134 (including)	khdsaa.134 (including)

References

http://www.cert.org/advisories/CA-2001-08.html
http://www.kb.cert.org/vuls/id/490344
http://www.securityfocus.com/archive/1/175229
http://www.securityfocus.com/bid/2566
https://exchange.xforce.ibmcloud.com/vulnerabilities/6336
http://www.cert.org/advisories/CA-2001-08.html
http://www.kb.cert.org/vuls/id/490344
http://www.securityfocus.com/archive/1/175229
http://www.securityfocus.com/bid/2566
https://exchange.xforce.ibmcloud.com/vulnerabilities/6336

NVD	https://nvd.nist.gov/vuln/detail/CVE-2001-1426
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html