17 matches found
CVE-2022-26143
The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...
CVE-2022-31784
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker that has network access to the management interface to conduct a buffer overflow attack due to insufficient validation of URL...
CVE-2022-31784
CVE-2022-31784 affects Mitel MiVoice Business (up to 9.3 PR1) and MiVoice Business Express (up to 8.0 SP3 PR3). The vulnerability stems from insufficient validation of URL parameters in the management interface, enabling an unauthenticated attacker with network access to perform a buffer overflow...
MiCollab, MiVoice Business Express Access Control Vulnerability
A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system...
The vulnerability of the TP-240 interface board’s microprogramming software in MiCollab and MiVoice Business Express systems, related to errors in processing XML messages, allows attackers to read and modify the configuration of the vulnerable device or trigger a service failure.
The vulnerability of the TP-240 interface board’s microprogramming software, used in the MiCollab and MiVoice Business Express collaboration platforms, is related to errors in processing XML messages. Exploiting this vulnerability allows an attacker to read and modify the configuration of the...
Massive DDoS Attack Knocked Israeli Government Websites Offline
A number of websites belonging to the Israeli government were felled in a distributed denial-of-service DDoS attack on Monday, rendering the portals inaccessible for a short period of time. "In the past few hours, a DDoS attack against a communications provider was identified," the Israel Nationa...
CVE-2022-26143
The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...
Code injection
The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...
CVE-2022-26143
The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...
Mitel Networks MiCollab和Mitel Networks MiVoice Business Express 访问控制错误漏洞
Mitel Networks MiCollab and Mitel Networks MiVoice Business Express are both products of Mitel Networks, Inc. of Canada.Mitel Networks MiCollab is a voice, video, messaging, audio conferencing, and team collaboration for employees. Mitel Networks MiVoice Business Express is a real-time...
CVE-2022-26143
The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...
Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times
Threat actors have been observed abusing a high-impact reflection/amplification method to stage sustained distributed denial-of-service DDoS attacks for up to 14 hours with a record-breaking amplification ratio of 4,294,967,296 to 1. The attack vector – dubbed TP240PhoneHome CVE-2022-26143 – has...
PT-2022-1816 · Mitel · Mivoice Business Express +1
Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions prior to 9.4 SP1 FP1 Mitel MiVoice Business Express versions prior to 8.1 Description: The issue is related to errors in processing XML messages in the TP-240 interface board software for Mitel MiCollab and MiVoice...
CVE-2018-18819
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 7.3.0.601 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP2 8.0.2.202, and MiVoice Business Express versions 7.3 PR3 7.3.1.302 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP1 8.0.2.202, could allow creation of...
Improper access control
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 7.3.0.601 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP2 8.0.2.202, and MiVoice Business Express versions 7.3 PR3 7.3.1.302 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP1 8.0.2.202, could allow creation of...
CVE-2018-18819
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 7.3.0.601 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP2 8.0.2.202, and MiVoice Business Express versions 7.3 PR3 7.3.1.302 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP1 8.0.2.202, could allow creation of...
CVE-2018-18819
CVE-2018-18819 affects MiCollab web conference chat component and MiVoice Business Express: MiCollab versions 7.3 PR6 (7.3.0.601) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 FP2 (8.0.2.202); MiVoice Business Express versions 7.3 PR3 (7.3.1.302) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 ...