CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

ATTACKERKB•added 2023/05/29 9:15 p.m.•2 views

CVE-2022-24629

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. Remote code execution can be achieved via directory traversal in the dir parameter of the file upload functionality of BrowseFiles.php. An attacker can upload a .php file to WebAdmin/admin/AudioCodesfiles/ajax/...

9.8CVSS7.6AI score0.42439EPSS

Exploits4References2

OSV•added 2023/05/29 9:15 p.m.•0 views

CVE-2022-24630

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles.php allows a ?cmd=ssh POST request with an sshcommand field that is executed...

7.2CVSS5.8AI score

Exploits0References1

OSV•added 2023/05/29 9:15 p.m.•0 views

CVE-2022-24632

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is directory traversal during file download via the BrowseFiles.php view parameter...

5.3CVSS5.8AI score

Exploits0References1

ATTACKERKB•added 2023/05/29 9:15 p.m.•3 views

CVE-2022-24630

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles.php allows a ?cmd=ssh POST request with an sshcommand field that is executed...

7.2CVSS7.1AI score0.25921EPSS

Exploits4References2

Prion•added 2023/05/29 9:15 p.m.•14 views

Directory traversal

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is directory traversal during file download via the BrowseFiles.php view parameter...

5CVSS6.3AI score0.31818EPSS

Exploits4References1Affected Software1

Prion•added 2023/05/29 9:15 p.m.•11 views

Cross site request forgery (csrf)

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles.php allows a ?cmd=ssh POST request with an sshcommand field that is executed...

5.8CVSS7.4AI score0.25921EPSS

Exploits4References1Affected Software1

Positive Technologies•added 2023/05/29 12:0 a.m.•3 views

PT-2023-12764 · Audiocodes · Audiocodes Device Manager Express

Name of the Vulnerable Software and Affected Versions: AudioCodes Device Manager Express versions through 7.8.20002.47752 Description: The issue concerns directory traversal during file download. This occurs via the view parameter in the "BrowseFiles.php" endpoint. Recommendations: For versions...

5.3CVSS5.2AI score0.31818EPSS

Exploits4References3

Cvelist•added 2023/05/29 12:0 a.m.•17 views

CVE-2022-24632

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is directory traversal during file download via the BrowseFiles.php view parameter...

6.6AI score0.31818EPSS

Exploits4References1

CVE•added 2023/05/29 12:0 a.m.•33 views

CVE-2022-24630

AudioCodes Device Manager Express (versions up to 7.8.20002.47752) contains a vulnerability in BrowseFiles.php where a POST request with cmd=ssh and an ssh_command field is executed, enabling remote code execution. This affects the vulnerable command handling path and can lead to RCE. Public expl...

7.2CVSS8.1AI score0.25921EPSS

Exploits4References1Affected Software1

Cvelist•added 2023/05/29 12:0 a.m.•12 views

CVE-2022-24630

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles.php allows a ?cmd=ssh POST request with an sshcommand field that is executed...

7.7AI score0.25921EPSS

Exploits4References1

CNNVD•added 2023/02/24 12:0 a.m.•3 views

AudioCodes Device Manager Express 命令注入漏洞

AudioCodes Device Manager Express is a powerful lifecycle management tool for AudioCodes IP Phones, EPOS and Jabra headsets and speakers from AudioCodes Israel. A command injection vulnerability exists in AudioCodes Device Manager Express 7.8.20002.47752 and prior versions, which stems from remot...

7.2CVSS7.8AI score0.25921EPSS

Exploits4References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by