54 matches found
EUVD-2005-4787
Malware in sbrugna...
EUVD-2019-6880
Malware in sbrugna...
EUVD-2006-2167
Malware in sbrugna...
EUVD-2013-1160
Malware in sbrugna...
CVE-2013-1120
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCue35910...
CVE-2013-1114
Multiple cross-site scripting XSS vulnerabilities in Cisco Unity Express before 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527...
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager Denial of Service (CVE-2005-4794)
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager SESM allows remote attackers to cause a denial of service crash or instability via a compressed DNS packet with a label length byte with an incorrect offset. This plugin only works with...
Cisco Unity Express Insecure Deserialization (CVE-2018-15381)
An insecure deserialization vulnerability exists in Cisco Unity Express. Successful exploitation of this vulnerability would allow remote attackers to send a specially crafted serialized object to the vulnerable server...
The vulnerability of the Cisco Unity Express aut secretary, related to the refusal to accept measures for eliminating special elements used in the operating system’s command, allows a hacker to elevate their privileges and execute arbitrary code.
The vulnerability of the Cisco Unity Express autochanger lies in its inability to accept measures to neutralize special elements. Exploiting this vulnerability may allow an attacker to enhance their privileges and execute arbitrary code...
CVE-2019-15986
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
CVE-2019-15986
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
Input validation
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
CVE-2019-15986 Cisco Unity Express Command Injection Vulnerability
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
CVE-2019-15986
CVE-2019-15986 is a Cisco Unity Express local command injection vulnerability. An authenticated, local attacker with valid administrator credentials can feed crafted CLI commands due to improper input validation, leading to arbitrary commands executed with root privileges. Cisco’s advisory confir...
CVE-2019-15986 Cisco Unity Express Command Injection Vulnerability
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
Cisco Unity Express Operating System Command Injection Vulnerability
Cisco Unity Express CUE is a set of voice communication solutions from the American company Cisco Cisco. The product includes features such as voicemail and interactive voice response IVR. An operating system command injection vulnerability exists in Cisco CUE versions prior to 10.1, which stems...
Cisco Unity Express Command Injection Vulnerability
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
Cisco Unity Express CVE-2019-15986 Local Command Injection Vulnerability
Description Cisco Unity Express is prone to a local command-injection vulnerability. A local attacker can exploit this issue to execute arbitrary commands on the underlying OS with root privileges. This issue is being tracked by Cisco Bug ID CSCvq54120. Versions prior to Cisco Unity Express 10.1...
The vulnerability of the Cisco Unity Express autocalendar, related to the restoration of a questionable data structure in memory, allows an attacker to execute arbitrary commands.
The vulnerability of the Cisco Unity Express aut secretary relates to the restoration of unreliable data structures Java objects in memory during the processing of requests by the Java RMI Remote Method Invocation service. This vulnerability could allow a malicious actor to execute arbitrary...
CVE-2018-15381 Cisco Unity Express Arbitrary Command Execution Vulnerability
A Java deserialization vulnerability in Cisco Unity Express CUE could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An...