Lucene search
+L

29 matches found

Nuclei
Nuclei
added yesterday18 views

Mitel MiCollab - Information Disclosure & Denial of Service

Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 contain a vulnerability in the TP-240 component caused by improper handling, letting remote attackers obtain sensitive information and cause denial of service, exploit requires remote access. id: CVE-2022-26143 info: name:...

9.8CVSS8.6AI score0.87565EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/27 2:25 p.m.18 views

CVE-2021-27401

The Join Meeting page of Mitel MiCollab Web Client before 9.2 FP2 could allow an attacker to access view and modify user data by executing arbitrary code due to insufficient input validation, aka Cross-Site Scripting XSS...

6.1CVSS6.8AI score0.00586EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:34 a.m.7 views

CVE-2024-41714

A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 9.8.1.5 and MiVoice Business Solution Virtual Instance MiVB SVI through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insufficient parameter sanitization. A successful...

8.8CVSS8.1AI score0.01268EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-18933

Malware in sbrugna...

9.8CVSS9.2AI score0.01169EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-18929

Malware in sbrugna...

6.5CVSS6.5AI score0.00672EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-18285

Malware in sbrugna...

6.1CVSS6.3AI score0.00634EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-39161

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00822EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:40 a.m.11 views

CVE-2024-30157

A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to...

7.2CVSS8.2AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:40 a.m.5 views

CVE-2024-35314

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance MiVB SVI 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit requires user...

9.8CVSS8.1AI score0.01745EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.8 views

CVE-2024-41712

A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow an authenticated attacker to conduct a command injection attack, due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary commands on the system...

6.6CVSS7.9AI score0.0055EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.10 views

CVE-2024-47223

A vulnerability in the AWV Audio, Web and Video Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access...

9.4CVSS8.2AI score0.00458EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:36 a.m.6 views

CVE-2024-47912

A vulnerability in the AWV Audio, Web, and Video Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to perform unauthorized data-access attacks due to missing authentication mechanisms. A successful exploit could allow an attacker to...

8.2CVSS7.3AI score0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:41 a.m.6 views

CVE-2024-55550

Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to insufficient input sanitization. A successful exploit could allow the authenticated admin attacker to access resources that are constrained to the admin access...

4.4CVSS6.8AI score0.38104EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 p.m.11 views

CVE-2022-36452

A vulnerability in the web conferencing component of Mitel MiCollab through 9.5.0.101 could allow an unauthenticated attacker to upload malicious files. A successful exploit could allow an attacker to execute arbitrary code within the context of the application...

9.8CVSS8AI score0.00822EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 11:9 p.m.9 views

CVE-2022-36454

A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to impersonate another user's name...

6.5CVSS6.6AI score0.00478EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:10 p.m.7 views

CVE-2021-27402

The SAS Admin portal of Mitel MiCollab before 9.2 FP2 could allow an unauthenticated attacker to access view and modify user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal...

6.5CVSS7.2AI score0.01067EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:44 p.m.8 views

CVE-2021-32071

The MiCollab Client service in Mitel MiCollab before 9.3 could allow an unauthenticated user to gain system access due to improper access control. A successful exploit could allow an attacker to view and modify application data, and cause a denial of service for users...

9.8CVSS7.2AI score0.01169EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:33 p.m.9 views

CVE-2021-32072

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...

6.5CVSS6.6AI score0.00804EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.8 views

CVE-2020-25606

The AWV component of Mitel MiCollab before 9.2 could allow an attacker to view system information by sending arbitrary code due to improper input validation, aka XSS...

6.1CVSS7.1AI score0.00634EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2025/01/07 12:0 a.m.18 views

Mitel MiCollab Path Traversal Vulnerability

Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization. This vulnerability can be chained with CVE-2024-41713, which allows an unauthenticated,...

9.1CVSS7.1AI score0.98067EPSS
In wildExploits3
Rows per page
Query Builder