Vulnerability in Slican Cct-1668

CVE-2026-35090

In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to bypass admin authentication and gain ful…

EPSS: 0.001 (27.8th percentile) — read the EPSS interpretation.

Affected products

Slican Cct-1668 — versions 0
Slican Cxs-0424 — versions 0
Slican Ipl-256 — versions 0
Slican Ipm-032 — versions 0
Slican Mac-6400 — versions 0

Weakness classification (CWE)

CWE-288 — Authentication Bypass Using an Alternate Path or Channel

References

cvd@cert.pl (third-party-advisory)