7 matches found
CVE-2022-40765
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 22.22.6100.0 could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters...
U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added three security flaws to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The list of shortcomings is as follows - CVE-2022-47986 CVSS score: 9.8 - IBM Aspera Faspex Code...
U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added three security flaws to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The list of shortcomings is as follows - CVE-2022-47986 CVSS score: 9.8 - IBM Aspera Faspex Code...
CVE-2022-40765
creationtimestamp| type| source ---|---|--- 2022-11-22 07:12:40+00:00| seen| https://t.me/cibsecurity/53298 2023-02-22 06:49:53+00:00| exploited| https://t.me/thehackernews/3079 2023-06-14 21:10:04+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-05 01:25:42+00:00| seen|...
CVE-2022-40765
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 22.22.6100.0 could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters...
CVE-2022-40765
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 22.22.6100.0 could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters...
CVE-2022-40765
The CVE-2022-40765 issue affects Mitel MiVoice Connect, specifically the Edge Gateway component, where insufficient restriction of URL parameters allows an authenticated attacker with internal network access to perform a command injection. Connected sources confirm an internal-network, authentica...