8 matches found
EUVD-2018-8071
Malware in sbrugna...
EUVD-2018-8072
Malware in sbrugna...
CVE-2018-16220
Cross Site Scripting in different input fields domain field and personal settings in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows an attacker local or remote to inject JavaScript into the web interface of the device by manipulating the phone book entries or manipulating the domain name...
CVE-2018-16219
A missing password verification in the web interface in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows an remote attacker in the same network as the device to change the admin password without authentication via a POST request...
CVE-2018-16216
A command injection missing input validation, escaping in the monitoring or memory status web interface in AudioCodes 405HD firmware 2.2.12 VoIP phone allows an authenticated remote attacker in the same network as the device to trigger OS commands like starting telnetd or opening a reverse shell...
CVE-2018-16216
A command injection missing input validation, escaping in the monitoring or memory status web interface in AudioCodes 405HD firmware 2.2.12 VoIP phone allows an authenticated remote attacker in the same network as the device to trigger OS commands like starting telnetd or opening a reverse shell...
CVE-2018-16220
Cross Site Scripting in different input fields domain field and personal settings in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows an attacker local or remote to inject JavaScript into the web interface of the device by manipulating the phone book entries or manipulating the domain name...
Command injection
A command injection missing input validation, escaping in the monitoring or memory status web interface in AudioCodes 405HD firmware 2.2.12 VoIP phone allows an authenticated remote attacker in the same network as the device to trigger OS commands like starting telnetd or opening a reverse shell...