Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-3962

Malware in sbrugna...

10CVSS8.3AI score0.02985EPSS
Exploits1References2
CNVD
CNVD
added 2019/07/24 12:0 a.m.2 views

AKUVOX NETWORKS R50P VoIP phone Trust Management Issue Vulnerability

AKUVOX NETWORKS R50P VoIP phone is an IP phone from AKUVOX NETWORKS, China. A trust management issue vulnerability exists in AKUVOX NETWORKS R50P VoIP phone version 50.0.6.156, which arises from the lack of an effective trust management mechanism in a networked system or product, and can be...

10CVSS6.9AI score0.01896EPSS
Exploits1References1
CNVD
CNVD
added 2019/07/23 12:0 a.m.2 views

AKUVOX NETWORKS R50P VoIP phone file uploading

AKUVOX NETWORKS R50P VoIP phone is an IP phone from AKUVOX NETWORKS, China. A file upload vulnerability exists in the ringtone upload feature in AKUVOX NETWORKS R50P VoIP phone version 50.0.6.156, which can be exploited to upload script files due to a lack of file and path validation...

10CVSS7AI score0.02985EPSS
Exploits1References1
NVD
NVD
added 2019/07/22 6:15 p.m.17 views

CVE-2019-12327

Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet. The telnet service is running on port 2323; it cannot be turned off and the credentials cannot be changed...

10CVSS7.6AI score0.01896EPSS
Exploits1References1
Prion
Prion
added 2019/07/22 6:15 p.m.18 views

Hardcoded credentials

Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet. The telnet service is running on port 2323; it cannot be turned off and the credentials cannot be changed...

10CVSS9.3AI score0.01896EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/22 5:30 p.m.16 views

CVE-2019-12327

Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet. The telnet service is running on port 2323; it cannot be turned off and the credentials cannot be changed...

7.2CVSS9.4AI score0.01896EPSS
Exploits1References1
OSV
OSV
added 2019/07/22 5:15 p.m.4 views

CVE-2019-12326

Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload shell commands within the file and trigger code execution...

9.8CVSS7.3AI score0.02985EPSS
Exploits1References1
NVD
NVD
added 2019/07/22 5:15 p.m.16 views

CVE-2019-12326

Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload shell commands within the file and trigger code execution...

10CVSS7.9AI score0.02985EPSS
Exploits1References1
Prion
Prion
added 2019/07/22 5:15 p.m.14 views

Input validation

Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload shell commands within the file and trigger code execution...

10CVSS9.6AI score0.02985EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/07/22 4:15 p.m.20 views

CVE-2019-12324

A command injection missing input validation issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters i...

9CVSS7.3AI score0.04343EPSS
Exploits1References1
OSV
OSV
added 2019/07/22 4:15 p.m.4 views

CVE-2019-12324

A command injection missing input validation issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters i...

7.2CVSS7.2AI score0.04343EPSS
Exploits1References1
Prion
Prion
added 2019/07/22 4:15 p.m.16 views

Command injection

A command injection missing input validation issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters i...

9CVSS7.3AI score0.04343EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/22 4:5 p.m.18 views

CVE-2019-12326

Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload shell commands within the file and trigger code execution...

7.2CVSS9.7AI score0.02985EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/07/22 3:35 p.m.18 views

CVE-2019-12324

A command injection missing input validation issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters i...

7.2CVSS7.3AI score0.04343EPSS
Exploits1References1
Rows per page
Query Builder