The vulnerability of the Microprogrammed Software for IP Telephones Mitel 6869i, related to the lack of measures taken for data cleaning at the management level, allows a perpetrator to execute arbitrary commands.

The vulnerability of the Microprogrammed Software for Mitel 6869i IP phones lies in the lack of measures taken at the management level during the processing of the hostname parameter on the provis.html page. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by...

CVE-2024-37569

An issue was discovered on Mitel 6869i through 4.5.0.41 and 5.x through 5.0.0.1018 devices. A command injection vulnerability exists in the hostname parameter taken in by the provis.html endpoint. The provis.html endpoint performs no sanitization on the hostname parameter sent by an authenticated...

Mitel 6869i SIP Security Vulnerability

Mitel 6869i SIP is a powerful and scalable desk phone from Mitel Canada. A security vulnerability exists in Mitel 6869i versions 4.5.0.41 and earlier, 5.0.0.1018 and earlier, which stems from the provis.html endpoint that does not clean up the hostname parameter, and can be exploited by an attack...