47 matches found
EUVD-2002-0827
Malware in sbrugna...
EUVD-2018-9316
Malware in sbrugna...
EUVD-2018-10582
Malware in sbrugna...
EUVD-2014-3440
Malware in sbrugna...
EUVD-2014-3441
Malware in sbrugna...
EUVD-2006-0312
Malware in sbrugna...
EUVD-2023-27057
Malicious code in bioql PyPI...
EUVD-2023-27056
Malicious code in bioql PyPI...
EUVD-2023-27058
Malicious code in bioql PyPI...
Grandstream GXP2135 CWMP SelfDefinedTimeZone OS command injection vulnerability
Talos Vulnerability Report TALOS-2024-1978 Grandstream GXP2135 CWMP SelfDefinedTimeZone OS command injection vulnerability July 3, 2024 CVE Number CVE-2024-32937 SUMMARY An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129,...
AudioCodes VoIP Phones Hardcoded Key
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-052 Product: AudioCodes VoIP Phones Manufacturer: AudioCodes Ltd. Affected Versions: Firmware Versions = 3.4.8.M4 Tested Versions: Firmware Version 3.4.4.1000 Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-321 Ris...
AudioCodes VoIP Phones Insufficient Firmware Validation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-055 Product: AudioCodes VoIP Phones Manufacturer: AudioCodes Ltd. Affected Versions: Firmware Versions = 3.4.4.1000 Tested Versions: Firmware Version 3.4.4.1000 Vulnerability Type: Missing Immutable Root of Trust in Hardware...
AudioCodes VoIP Phones Hardcoded Key
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-054 Product: AudioCodes VoIP Phones Manufacturer: AudioCodes Ltd. Affected Versions: Firmware Versions = 3.4.8.M4 Tested Versions: Firmware Version 3.4.4.1000 Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-321 Ris...
CVE-2023-22956
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information...
PT-2023-18797 · Audiocodes · Audiocodes Voip Desk Phones
Name of the Vulnerable Software and Affected Versions: AudioCodes VoIP desk phones versions through 3.4.4.1000 Description: An issue was discovered due to the use of a hard-coded cryptographic key, allowing an attacker to decrypt encrypted configuration files and retrieve sensitive information...
Cisco Warns of Critical Nexus 9000 Data Center Flaw
A critical vulnerability in Cisco’s software-defined networking SDN software could allow an unauthenticated, remote attacker to connect to a vulnerable data-center switch and take it over, with the privileges of the root user. The bug CVE-2019-1804, which has a CVSS severity rating of 9.8 out of...
CVE-2018-17565
Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell...
Default credentials
Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with firmware 2.22.7 would allow a remote attacker in the same network as the device to change the admin password without authentication and without knowing the original password...
Polycom VVX Web Interface Forced Admin Password Change Vulnerability
Polycom is a global leader in standards-based unified communications UC solutions for telepresence, video and voice. The Polycom VVX web interface can be forced to change the admin password vulnerability, which requires a user to access the "user" account in the web interface of a Polycom VoIP...
CVE-2012-1417
CVE-2012-1417 maps to multiple cross-site scripting vulnerabilities in Yealink VOIP Phones (Local Phone Book and Blacklist form). Root cause: unsanitized or improperly neutralized user input via the CGI path (ConfigManApp.com) allows injected scripts to be executed in the target user’s browser. I...