Security advisory - CVE-2019-9229

Remote Access to internal quagga interface with hard coded credentials in AudioCodes Mediant family

Affected Products


AudioCodes Mediant family of multi-service business routers (MSBRs) offers service providers a range of all-in-one SOHO, SMB and SME routers combining access, data, voice and security into a single device.[1]
During our research we found a DoS(CVE-2019-9228), a XXS(CVE-2019-9230) and CSRF(CVE-2019-9231) vulnerability. Although we could gain access to quagga VTYs(CVE-2019-9229).



An internal interface exposed to the link-local address allows attackers in the local network to access multiple quagga VTYs. Attackers can authenticate with the default password "1234" that cannot be changed, and can execute malicious and unauthorized actions.

Affected Versions

F7.20A to F7.20A.251


Update to F7.20A.252 or higher.

Disclosure Timeline

2019/02/14 vendor contacted
2019/02/14 initial vendor response
2019/02/14 vendor informs about start of review process
2019/02/15 vendor requests further details
2019/02/15 further details provided
2019/02/18 vendor informs about detail analysis
2019/02/19 vendor confirmation, planned fixes and roadmap provided
2019/03/01 CVEs assigned
2019/06/28 vendor informs that planned fixes are published