27 matches found
CVE-2023-31459
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because the initial installation does not enforce a password...
EUVD-2023-35765
Malicious code in bioql PyPI...
EUVD-2023-43021
Malicious code in bioql PyPI...
EUVD-2023-43023
Malicious code in bioql PyPI...
CVE-2023-39286
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an unauthenticated attacker to perform a Cross Site Request Forgery CSRF attack due to insufficient request validation. A successful exploit could allow an attacker to provide a...
CVE-2023-39286
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an unauthenticated attacker to perform a Cross Site Request Forgery CSRF attack due to insufficient request validation. A successful exploit could allow an attacker to provide a...
Mitel Connect Mobility Router Cross-Site Request Forgery Vulnerability
Mitel Connect Mitel ShoreTel is a software for office communication from Mitel Canada. The software provides access to corporate contacts, support for selecting contacts to open conferences, and an interface to manage calls and voicemail. A security vulnerability exists in Mitel Connect Mobility...
CVE-2023-39286
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an unauthenticated attacker to perform a Cross Site Request Forgery CSRF attack due to insufficient request validation. A successful exploit could allow an attacker to provide a...
CVE-2023-39286
CVE-2023-39286 affects Mitel MiVoice Connect, specifically the Connect Mobility Router component (versions up to 9.6.2304.102). The vulnerability enables an unauthenticated attacker to perform a CSRF attack due to insufficient request validation, with potential to modify system configuration by s...
CVE-2023-39291
A vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system...
CVE-2023-39289
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...
CVE-2023-39288
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploi...
CVE-2023-39289
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...
CVE-2023-39288
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploi...
Information disclosure
A vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system...
Design/Logic Flaw
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...
PT-2023-26871 · Mitel · Mitel Mivoice Connect
Name of the Vulnerable Software and Affected Versions: Mitel MiVoice Connect versions through 9.6.2208.101 Description: A vulnerability in the Connect Mobility Router component could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A...
CVE-2023-39291
CVE-2023-39291 concerns Mitel MiVoice Connect’s Connect Mobility Router (affected versions up to 9.6.2304.102). The vulnerability is described as an information disclosure due to improper configuration, enabling an authenticated attacker with elevated privileges to view system information. The co...
CVE-2023-39289
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...
CVE-2023-39291
A vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system...