Lucene search
K

251 matches found

CVE
CVE
added 2024/05/07 12:0 a.m.58 views

CVE-2024-29149

CVE-2024-29149 affects Alcatel-Lucent ALE NOE deskphones (86x8 NOE-R300.1.40.12.4180 and earlier) and ALE SIP deskphones (86x8 SIP-R200.1.01.10.728 and earlier). The issue is a time‑of‑check time‑of‑use vulnerability that permits an authenticated attacker to replace a verified firmware image with...

7.4CVSS6.7AI score0.00203EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/07 12:0 a.m.3 views

Alcatel-Lucent ALE NOE 安全漏洞

The Alcatel-Lucent ALE NOE is a desktop phone from Alcatel-Lucent. A security vulnerability exists in Alcatel-Lucent ALE NOE versions 86x8NOE-R300.1.40.07.4140, 86x8SIP-R200.1.01.10.728, which stems from a security issue at check time, which could allow an authenticated attacker to replace the...

7.4CVSS6.4AI score0.00203EPSS
Exploits0References5
CVE
CVE
added 2024/05/07 12:0 a.m.60 views

CVE-2024-29150

The CVE affects Alcatel-Lucent ALE NOE deskphones (86x8 NOE-R300.1.40.12.4180 and earlier) and SIP deskphones (86x8_SIP-R200.1.01.10.728 and earlier). The root cause is improper privilege management that allows an authenticated attacker to create symbolic links to sensitive files in debugging dat...

8.8CVSS6.7AI score0.00483EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2020/10/28 12:0 a.m.18 views

Alcatel Lucent Stack Overflow (CVE-2019-3922)

A stack overflow vulnerability exists in Alcatel Lucent. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5CVSS5.3AI score0.05238EPSS
Exploits1
NVD
NVD
added 2020/01/31 10:15 p.m.15 views

CVE-2014-3809

Cross-site scripting XSS vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch PSS 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html...

6.1CVSS6.1AI score0.00906EPSS
Exploits2References1
Prion
Prion
added 2020/01/31 10:15 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch PSS 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html...

4.3CVSS6.2AI score0.00906EPSS
Exploits2References1Affected Software3
Cvelist
Cvelist
added 2020/01/31 9:55 p.m.18 views

CVE-2014-3809

Cross-site scripting XSS vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch PSS 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html...

6.1AI score0.00906EPSS
Exploits2References1
CVE
CVE
added 2020/01/31 9:55 p.m.163 views

CVE-2014-3809

CVE-2014-3809 describes a reflected cross-site scripting (XSS) vulnerability in the management interface of Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html. The root...

6.1CVSS6AI score0.00906EPSS
Exploits2References1Affected Software1
CNVD
CNVD
added 2019/12/30 12:0 a.m.3 views

Alcatel-Lucent OmniVista 4760 Directory Traversal and Insecure File Upload Vulnerability

LE Alcatel-Lucent Omnivista 4760 is a network management system from ALE France. The product includes features such as alarm notification, OmniPCX configuration, performance analysis and Voice over IP monitoring. A security vulnerability exists in the ALE Alcatel-Lucent OmniVista 4760. An attacke...

10CVSS7.3AI score0.12805EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/30 12:0 a.m.2 views

Alcatel-Lucent OmniVista 8770 Remote Code Execution Vulnerability

The ALE Alcatel-Lucent Omnivista 8770 is a network management system from ALE France. The product includes features such as alarm notification, OmniPCX configuration, performance analysis, and Voice over IP monitoring. A security vulnerability exists in the ALE Alcatel-Lucent OmniVista 8770 prior...

9CVSS7.4AI score0.05818EPSS
Exploits1References1
NVD
NVD
added 2019/12/27 7:15 p.m.21 views

CVE-2019-20048

An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM...

9CVSS7.4AI score0.05818EPSS
Exploits1References4
NVD
NVD
added 2019/12/27 7:15 p.m.21 views

CVE-2019-20049

An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal which helps to bypass authentication with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the construct whereas the...

10CVSS9.8AI score0.12805EPSS
Exploits1References4
NVD
NVD
added 2019/12/27 7:15 p.m.22 views

CVE-2019-20047

An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded...

7.5CVSS7.6AI score0.02706EPSS
Exploits1References4
Prion
Prion
added 2019/12/27 7:15 p.m.22 views

Format string

An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded...

5CVSS7.6AI score0.02706EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2019/12/27 7:15 p.m.23 views

Directory traversal

An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal which helps to bypass authentication with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the construct whereas the...

10CVSS9.7AI score0.12805EPSS
Exploits1References4
Cvelist
Cvelist
added 2019/12/27 6:19 p.m.22 views

CVE-2019-20047

An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded...

7.7AI score0.02706EPSS
Exploits1References4
Cvelist
Cvelist
added 2019/12/27 6:19 p.m.25 views

CVE-2019-20048

An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM...

7.4AI score0.05818EPSS
Exploits1References4
CVE
CVE
added 2019/12/27 6:19 p.m.134 views

CVE-2019-20048

CVE-2019-20048 affects Alcatel-Lucent OmniVista 8770 devices prior to 4.1.2. An authenticated remote attacker with elevated privileges in the Web Directory component (port 389) can upload a PHP file, enabling Remote Code Execution as SYSTEM. Public Red Hat, CNVD, and CVE records corroborate the s...

9CVSS7.3AI score0.05818EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2019/12/27 6:18 p.m.144 views

CVE-2019-20049

The CVE-2019-20049 entry affects Alcatel-Lucent OmniVista 4760 devices. A remote, unauthenticated attacker can chain a directory traversal vulnerability (located in the __construct() method) with an insecure file upload (in SetSkinImages()) to achieve Remote Code Execution as SYSTEM. This combine...

10CVSS9.7AI score0.12805EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2019/12/27 6:18 p.m.25 views

CVE-2019-20049

An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal which helps to bypass authentication with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the construct whereas the...

9.9AI score0.12805EPSS
Exploits1References4
Rows per page
Query Builder