347 matches found
CVE-2025-67822
A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 7.3.0.0.50 through 7.8 SP1 7.8.1.0.14 could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gai...
EUVD-2025-206291
A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 7.3.0.0.50 through 7.8 SP1 7.8.1.0.14 could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gai...
CVE-2025-67822
A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 7.3.0.0.50 through 7.8 SP1 7.8.1.0.14 could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gai...
CVE-2025-67822
A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 7.3.0.0.50 through 7.8 SP1 7.8.1.0.14 could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gai...
CVE-2025-67822
A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 7.3.0.0.50 through 7.8 SP1 7.8.1.0.14 could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gai...
CVE-2025-67822
A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 7.3.0.0.50 through 7.8 SP1 7.8.1.0.14 could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gai...
CVE-2025-67822
The CVE‑2025‑67822 affects Mitel MiVoice MX‑ONE, Provisioning Manager: versions 7.3.0.0.50 through 7.8.1.0.14 exposed to an unauthenticated authentication bypass in the Provisioning Manager. The root cause is improper authentication mechanisms, enabling an attacker to gain unauthorized access to ...
PT-2026-3135
Name of the Vulnerable Software and Affected Versions Mitel MiVoice MX-ONE versions 7.3.0.0.50 through 7.8.1.0.14 Description A flaw exists in the Provisioning Manager component that allows an unauthenticated attacker to bypass authentication. A successful exploit could grant unauthorized access ...
Mitel MiVoice MX-ONE security vulnerabilities
Mitel MiVoice MX-ONE is a comprehensive communication solution provided by the Canadian company Mitel. Versions 7.3 to 7.8 SP1 of Mitel MiVoice MX-ONE contain security vulnerabilities. These vulnerabilities stem from improper authentication mechanisms, which may allow for bypasses during...
CVE-2025-67822
A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 7.3.0.0.50 through 7.8 SP1 7.8.1.0.14 could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gai...
CVE-2023-25599
A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2, 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the testpresenter.php page. A successful exploit could allow an...
CVE-2023-25598
A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the home.php page. A successful...
CVE-2023-31459
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because the initial installation does not enforce a password...
CVE-2023-31460
A vulnerability in the Connect Mobility Router component of MiVoice Connect versions 9.6.2208.101 and earlier could allow an authenticated attacker with internal network access to conduct a command injection attack due to insufficient restriction on URL parameters...
CVE-2022-31784
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker that has network access to the management interface to conduct a buffer overflow attack due to insufficient validation of URL...
CVE-2022-26143
The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...
CVE-2020-10211
A remote code execution vulnerability in UCB component of Mitel MiVoice Connect before 19.1 SP1 could allow an unauthenticated remote attacker to execute arbitrary scripts due to insufficient validation of URL parameters. A successful exploit could allow an attacker to gain access to sensitive...
CVE-2020-10377
A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an attacker to access the system with compromised user credentials...
EUVD-2020-2832
Malware in sbrugna...
EUVD-2020-20147
Malware in sbrugna...