CVE-2023-22280

CVE-2023-22280 affects MAHO-PBX NetDevancer series (Lite/Uni/Pro/Cloud prior to 1.11.00; VSG Lite/Uni prior to 1.11.00; MobileGate Home/Office prior to 1.11.00). The vulnerability is an OS command injection in the Management screen, exploitable by a remote authenticated attacker with administrati...

PT-2023-18394 · Maho Pbx · Maho-Pbx Netdevancer Vsg Lite/Uni +2

Name of the Vulnerable Software and Affected Versions: MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud versions prior to 1.11.00 MAHO-PBX NetDevancer VSG Lite/Uni versions prior to 1.11.00 MAHO-PBX NetDevancer MobileGate Home/Office versions prior to 1.11.00 Description: The issue allows a remote...

CVE-2023-22279

CVE-2023-22279 affects MAHO-PBX NetDevancer series (Lite/Uni/Pro/Cloud and MobileGate Home/Office). The vulnerability is an OS command injection in the Management screen that can be exploited remotely by an unauthenticated attacker. Affected versions are prior to 1.11.00; remediation is to update...

Multiple vulnerabilities in MAHO-PBX NetDevancer series

Overview There are multiple vulnerabilities in the Management screen of MAHO-PBX NetDevancer series provided by Mahoroba Kobo, Inc. OS Command Injection CWE-78 - CVE-2023-22279 OS Command Injection CWE-78 - CVE-2023-22280 Cross-Site Request Forgery CWE-352 - CVE-2023-22286 Reflected Cross-site...

JVN#99957889: Multiple vulnerabilities in MAHO-PBX NetDevancer series

There are multiple vulnerabilities in the Management screen of MAHO-PBX NetDevancer series provided by Mahoroba Kobo, Inc. OS Command Injection CWE-78 - CVE-2023-22279 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 9.8 CVSS v2|...

MAHO-PBX NetDevancer series 操作系统命令注入漏洞

The MAHO-PBX NetDevancer series is an IP-PBX system from MAHO-PBX Japan. A security vulnerability exists in the MAHO-PBX NetDevancer, which is caused by an operating system command injection in the Management screen, and can be exploited by a remote attacker to execute arbitrary operating system...

MAHO-PBX NetDevancer series 跨站请求伪造漏洞

The MAHO-PBX NetDevancer series is an IP-PBX system from MAHO-PBX Japan. A security vulnerability exists in the MAHO-PBX NetDevancer series, which originates from a cross-site request forgery CSRF vulnerability in the Management screen, which could be exploited by an attacker to induce a user to...

MAHO-PBX NetDevancer series 操作系统命令注入漏洞

MAHO-PBX NetDevancer series is an IP-PBX system from MAHO-PBX Japan. A security vulnerability exists in the MAHO-PBX NetDevancer series, which is caused by an operating system command injection in the Management screen, and can be exploited by an attacker to execute arbitrary operating system...

MAHO-PBX NetDevancer series 跨站脚本漏洞

The MAHO-PBX NetDevancer series is an IP-PBX system from MAHO-PBX Japan. A security vulnerability exists in the MAHO-PBX NetDevancer series, which is caused by cross-site scripting XSS in the Management screen, which can be exploited by an attacker to execute arbitrary scripts on the web browser ...