Lucene search
K

7 matches found

CNNVD
CNNVD
added 2026/02/20 12:0 a.m.6 views

Zenitel AlphaCom 安全漏洞

Zenitel AlphaCom is a critical communication server owned by the Norwegian company Zenitel. There is a security vulnerability in Zenitel AlphaCom, which allows attackers to read arbitrary files by modifying file path parameters to internal system paths...

6.5CVSS5.9AI score0.00393EPSS
Exploits0References2
NVD
NVD
added 2021/09/15 1:15 p.m.34 views

CVE-2021-40845

The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory...

8.8CVSS0.04609EPSS
Exploits7References4
Cvelist
Cvelist
added 2021/09/15 12:39 p.m.44 views

CVE-2021-40845

The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory...

9.2AI score0.04609EPSS
Exploits7References4
Packet Storm
Packet Storm
added 2021/09/15 12:0 a.m.204 views

Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload

Exploit Title: AlphaWeb XE - Authenticated Insecure File Upload leading to RCE CVE-2021-40845 Date: 09/09/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor website: https://www.zenitel.com/ Product website: https://wiki.zenitel.com/wiki/AlphaWeb CVE: CVE-2021-40845...

0.04609EPSS
Exploits7
0day.today
0day.today
added 2021/09/15 12:0 a.m.415 views

Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload Vulnerability

Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 have a web interface called AlphaWeb XE that allows for a remote shell upload. I. VULNERABILITY ------------------------- AlphaWeb XE - Authenticated Insecure File Upload leading to RCE II. CVE REFERENCE -------------------------...

8.8CVSS0.1AI score0.04609EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/09/14 12:0 a.m.259 views

Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload

I. VULNERABILITY ------------------------- AlphaWeb XE - Authenticated Insecure File Upload leading to RCE II. CVE REFERENCE ------------------------- CVE-2021-40845 III. VENDOR ------------------------- https://www.zenitel.com/ IV. DESCRIPTION ------------------------- The web part of Zenitel...

0.2AI score0.04609EPSS
Exploits7
CNNVD
CNNVD
added 2021/09/14 12:0 a.m.16 views

Zenitel AlphaCom XE Audio Server 代码问题漏洞

Zenitel AlphaCom XE Audio Server is a hybrid intercom system from Zenitel Norway. The system supports all VINGTOR-STENTOFON IP and analog intercom stations. A security vulnerability exists in Zenitel AlphaCom XE Audio Server that allows remote shell uploads...

8.8CVSS8AI score0.04609EPSS
Exploits7References7
Rows per page
Query Builder