17 matches found
EUVD-2020-26844
Malware in sbrugna...
EUVD-2020-26845
Malware in sbrugna...
CVE-2020-5686
Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL...
CVE-2020-5685
UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service DoS condition by sending a specially crafted request to a specific URL...
CVE-2020-5685
UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service DoS condition by sending a specially crafted request to a specific URL...
CVE-2020-5685
UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service DoS condition by sending a specially crafted request to a specific URL...
CVE-2020-5686
Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL...
CVE-2020-5686
Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL...
Authentication flaw
Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL...
Design/Logic Flaw
UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service DoS condition by sending a specially crafted request to a specific URL...
CVE-2020-5686
Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL...
CVE-2020-5686
CVE-2020-5686 is an authentication algorithm implementation flaw affecting NEC/UNIVERGE SV9500 series (V1–V7) and SV8500 series (S6–S8). A remote attacker can access the device’s web remote maintenance console and disclose information by sending a specially crafted request to a specific URL. The ...
CVE-2020-5685
UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service DoS condition by sending a specially crafted request to a specific URL...
CVE-2020-5685
The CVE-2020-5685 exposure affects UNIVERGE SV9500 series (V1–V7) and SV8500 series (S6–S8). The issue is an OS command injection vulnerability in the Remote System Maintenance web console, triggered by a specially crafted request to a specific URL, allowing an attacker to execute arbitrary OS co...
NEC Multiple Product Authorization Issues Vulnerabilities
The NEC UNIVERGE SV8500 and NEC UNIVERGE SV9500 are both an IP phone device from NEC Corporation of Japan. A security vulnerability exists in multiple NEC products that could allow a remote attacker to bypass the authentication process. The following products and versions are affected: UNIVERGE...
NEC Multiple Products Operating System Command Injection Vulnerability
The NEC UNIVERGE SV8500 and NEC UNIVERGE SV9500 are both an IP phone device from NEC Corporation of Japan. A security vulnerability exists in multiple NEC products that could allow a remote attacker to execute arbitrary shell commands on the target system. The following products and versions are...
JVN#38784555: Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series
Remote system maintenance feature of UNIVERGE SV9500/SV8500 series' Web based remote maintenance console contains multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2020-5685 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H| Base Score...