Security advisory - CVE-2019-9228

SSH and TELNET DoS (connection slot exhaustion) in AudioCodes Mediant family

Affected Products


AudioCodes Mediant family of multi-service business routers (MSBRs) offers service providers a range of all-in-one SOHO, SMB and SME routers combining access, data, voice and security into a single device.[1]
During our research we found a DoS(CVE-2019-9228), a XXS(CVE-2019-9230) and CSRF(CVE-2019-9231) vulnerability. Although we could gain access to quagga VTYs(CVE-2019-9229).



The management SSH and management TELNET features allow remote attackers to cause a denial of service (connection slot exhaustion) via 5 unauthenticated connection attempts, because the maximum number of unauthenticated clients that can be configured is 5.

Affected Versions

F7.20A at least to 7.20A.252.062.
The vendor's position is that this is a design choice, because having a higher value would put a higher load on the system resources. There will be no fix, because the Risk is classified as acceptable.


Restrict the access to the interfaces via Access Lists.

Disclosure Timeline

2019/02/14 vendor contacted
2019/02/14 initial vendor response
2019/02/14 vendor informs about start of review process
2019/02/15 vendor requests further details
2019/02/15 further details provided
2019/02/18 vendor informs about detail analysis
2019/02/19 vendor confirmation, planned fixes and roadmap provided
2019/03/01 CVEs assigned
2019/06/28 vendor informs that planned fixes are published