36 matches found
CVE-2022-31784
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker that has network access to the management interface to conduct a buffer overflow attack due to insufficient validation of URL...
CVE-2022-26143
The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...
CVE-2024-35315
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance MiVB SVI 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker...
The vulnerability of the MiCollab Desktop Client client of the collaborative work platform MiCollab, along with the virtual instance of the MiVoice Business Solution Virtual Instance (MiVB SVI), allows a perpetrator to execute arbitrary code.
The vulnerability of the MiCollab Desktop Client client of the MiCollab collaboration platform, as well as the virtual instance of the MiVoice Business Solution Virtual Instance MiVB SVI, is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allo...
The vulnerability of the client server MiCollab of the collaborative work platform MiCollab, as well as the virtual instance of the business solution MiVoice Business Solution Virtual Instance (MiVB SVI), allows a perpetrator to execute arbitrary commands.
The vulnerability of the client server of the collaborative work platform MiCollab, as well as the virtual instance of the business solution MiVoice Business Solution Virtual Instance MiVB SVI, is related to the failure to take measures to neutralize special elements. Exploiting this vulnerabilit...
CVE-2024-41714
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 9.8.1.5 and MiVoice Business Solution Virtual Instance MiVB SVI through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insufficient parameter sanitization. A successful...
CVE-2024-41714
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 9.8.1.5 and MiVoice Business Solution Virtual Instance MiVB SVI through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insufficient parameter sanitization. A successful...
CVE-2024-35315
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance MiVB SVI 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker...
CVE-2024-35314
Affects Mitel MiCollab Desktop Client (versions ≤ 9.7.1.110) and MiVoice Business Solution Virtual Instance (MiVB SVI ≤ 1.0.0.25). The vulnerability is a command injection caused by insufficient parameter sanitization, enabling an unauthenticated attacker to execute arbitrary scripts with user in...
CVE-2024-35315
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance MiVB SVI 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker...
CVE-2024-35314
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance MiVB SVI 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit requires user...
CVE-2024-35315
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance MiVB SVI 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker...
CVE-2024-41714
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 9.8.1.5 and MiVoice Business Solution Virtual Instance MiVB SVI through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insufficient parameter sanitization. A successful...
CVE-2024-35315
Mitel MiCollab Desktop Client (versions up to 9.7.1.110) and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25 contain a privilege-escalation flaw due to improper file validation. An authenticated, local attacker could execute arbitrary code with elevated privileges. MITRE-like impac...
PT-2024-7493 · Mitel · Mivoice Business Solution Virtual Instance +1
Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions through 9.8 SP1 9.8.1.5 MiVoice Business Solution Virtual Instance MiVB SVI versions through 1.0.0.27 Description: A vulnerability in the Web Interface component could allow an authenticated attacker to conduct a comma...
PT-2024-4059 · Mitel · Mivoice Business Solution Virtual Instance +1
Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions 9.7.1.110 and earlier MiVoice Business Solution Virtual Instance MiVB SVI version 1.0.0.25 Description: A vulnerability in the Desktop Client could allow an authenticated attacker to conduct a privilege escalation atta...
Mitel Mivoice Business Detection
Binary data mitelmivoicebusinessdetect.nbin...
CVE-2022-31784
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker that has network access to the management interface to conduct a buffer overflow attack due to insufficient validation of URL...
CVE-2022-31784
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker that has network access to the management interface to conduct a buffer overflow attack due to insufficient validation of URL...
Buffer overflow
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker that has network access to the management interface to conduct a buffer overflow attack due to insufficient validation of URL...