CVE-2025-41083

Vulnerability in Altitude Authentication Service and Altitude Communication Server v8.5.3290.0 by Altitude, where manipulation of Host header in HTTP requests allows redirection to an arbitrary URL or modification of the base URL to trick the victim into sending login credentials to a malicious...

CVE-2025-41083

Vulnerability in Altitude Authentication Service and Altitude Communication Server v8.5.3290.0 by Altitude, where manipulation of Host header in HTTP requests allows redirection to an arbitrary URL or modification of the base URL to trick the victim into sending login credentials to a malicious...

CVE-2025-41082

Illegal HTTP request traffic vulnerability CL.0 in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and backend servers, which...

CVE-2025-41083 Improper Neutralization in Altitude Communication Server

Vulnerability in Altitude Authentication Service and Altitude Communication Server v8.5.3290.0 by Altitude, where manipulation of Host header in HTTP requests allows redirection to an arbitrary URL or modification of the base URL to trick the victim into sending login credentials to a malicious...

EUVD-2025-206376

Vulnerability in Altitude Authentication Service and Altitude Communication Server v8.5.3290.0 by Altitude, where manipulation of Host header in HTTP requests allows redirection to an arbitrary URL or modification of the base URL to trick the victim into sending login credentials to a malicious...

CVE-2025-41083

Vulnerability in Altitude Authentication Service and Altitude Communication Server v8.5.3290.0 by Altitude, where manipulation of Host header in HTTP requests allows redirection to an arbitrary URL or modification of the base URL to trick the victim into sending login credentials to a malicious...

CVE-2025-41083

CVE-2025-41083 affects Altitude Authentication Service and Altitude Communication Server v8.5.3290.0 by Altitude. The issue is manipulation of the Host header in HTTP requests, enabling redirection to an arbitrary URL or altering the base URL to lure users into sending login credentials to a mali...

CVE-2025-41082

CVE-2025-41082 : Affected: Altitude Communication Server. vulnerability arises from inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers, causing desynchronization between frontend and backend servers. Potential effects include request h...

CVE-2025-41082 HTTP Request/Response Smuggling in Altitude Communication Server

Illegal HTTP request traffic vulnerability CL.0 in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and backend servers, which...

PT-2026-4739

Vulnerability in Altitude Authentication Service and Altitude Communication Server v8.5.3290.0 by Altitude, where manipulation of Host header in HTTP requests allows redirection to an arbitrary URL or modification of the base URL to trick the victim into sending login credentials to a malicious...

Altitude Communication Server injection vulnerability

Altitude Communication Server is an IP contact center software developed by the American company Altitude. Version 8.5.3290.0 of Altitude Communication Server has a vulnerability that stems from operations on the Host header in HTTP requests. This vulnerability may lead to redirection to arbitrar...

CVE-2009-4510

The SSH service on the TANDBERG Video Communication Server VCS before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets...

CVE-2025-12507

The service Bizerba Communication Server BCS has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed...

CVE-2025-12507

The service Bizerba Communication Server BCS has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed...

CVE-2025-12507 Insecure service configuration – unquoted path

The service Bizerba Communication Server BCS has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed...

CVE-2025-12507

Summary of CVE-2025-12507 : The Bizerba Communication Server (BCS) exposes an unquoted service path for its Windows service. The root cause is a misconfigured startup path, which Windows may fail to parse correctly, allowing a local attacker to replace or hijack the service executable and potenti...

CVE-2025-12507 Insecure service configuration – unquoted path

The service Bizerba Communication Server BCS has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed...

EUVD-2025-37366

The service Bizerba Communication Server BCS has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed...

Bizerba Communication Server 安全漏洞

Bizerba Communication Server is an interface software component from Bizerba, Germany. A security vulnerability exists in Bizerba Communication Server that originates from an unreferenced service path and could lead to the execution of a malicious program...

PT-2025-44645

Name of the Vulnerable Software and Affected Versions Bizerba Communication Server BCS affected versions not specified Description The Bizerba Communication Server BCS service has an unquoted service path. This occurs when the Windows service's executable path contains spaces but is not enclosed ...