The vulnerability of the AWV component (Audio, Web, and Video Conferencing) of the Mitel MiCollab collaboration platform allows a perpetrator to execute arbitrary code.

The vulnerability of the AWV component Audio, Web, and Video Conferencing is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the AWV component (Audio, Web, and Video Conferencing) of the Mitel MiCollab collaboration platform allows attackers to carry out phishing attacks.

The vulnerability of the AWV Audio, Web, and Video Conferencing component of the Mitel MiCollab collaboration platform involves redirecting URLs to an unreliable website. Exploiting this vulnerability allows attackers to carry out phishing attacks using a specially created link...

CVE-2024-47224

A vulnerability in the AWV Audio, Web and Video Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct a CRLF injection attack due to inadequate encoding of user input in URLs. A successful exploit could allow an attacker to perfo...

CVE-2024-47189

The API Interface of the AWV Audio, Web and Video Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct SQL injection due to insufficient sanitization of user input. A successful exploit could allow an attacker with knowledge of...

CVE-2024-47189

The API Interface of the AWV Audio, Web and Video Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct SQL injection due to insufficient sanitization of user input. A successful exploit could allow an attacker with knowledge of...

CVE-2024-47224

A vulnerability in the AWV Audio, Web and Video Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct a CRLF injection attack due to inadequate encoding of user input in URLs. A successful exploit could allow an attacker to perfo...

CVE-2024-47224

The CVE concerns Mitel MiCollab’s AWV component, affecting versions prior to 9.8 SP1 FP2 (9.8.1.201). An unauthenticated attacker can exploit inadequate encoding of user input in URLs to perform a CRLF injection, enabling phishing via crafted links. Red Hat and related feeds corroborate the issue...