7 matches found
CVE-2014-9563
CRLF injection vulnerability in the web-based management WBM interface in Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allows remote authenticated users to modify the root password and consequently access the debug port using the serial interface via th...
Code injection
Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of 1 ConfigureCoreFile.sh, 2 Traceroute.sh, 3 apps.sh, 4 conversionjava2native.sh, 5 coreCompression.sh, 6...
Crlf injection
CRLF injection vulnerability in the web-based management WBM interface in Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allows remote authenticated users to modify the root password and consequently access the debug port using the serial interface via th...
CVE-2014-8421
Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of 1 ConfigureCoreFile.sh, 2 Traceroute.sh, 3 apps.sh, 4 conversionjava2native.sh, 5 coreCompression.sh, 6...
CVE-2014-8422
The web-based management WBM interface in Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 generates session cookies with insufficient entropy, which makes it easier for remote attackers to hijack sessions via a brute-force attack...
CVE-2014-8421
Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of 1 ConfigureCoreFile.sh, 2 Traceroute.sh, 3 apps.sh, 4 conversionjava2native.sh, 5 coreCompression.sh, 6...
OpenStage SIP Default Credentials (HTTP)
The remote OpenStage SIP Webinterface is using default credentials. Copyright C 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...