CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1281 matches found

SmartNode SN200 Analog Telephone Adapter (ATA) & VoIP Gateway - Command Injection

The SmartNode SN200 Analog Telephone Adapter ATA & VoIP Gateway is vulnerable to command injection. id: CVE-2023-41109 info: name: SmartNode SN200 Analog Telephone Adapter ATA & VoIP Gateway - Command Injection author: princechaddha severity: critical description: | The SmartNode SN200 Analog...

9.8CVSS7.3AI score0.9198EPSS

Exploits3References5

Nuclei•added yesterday•25 views

Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor

Auerswald COMpact 5500R 7.8A and 8.0B devices contain an unauthenticated endpoint "https://192.168.1.2/aboutstate", enabling the bad actor to gain backdoor access to a web interface that allows for resetting the administrator password. id: CVE-2021-40859 info: name: Auerswald COMpact 5500R 7.8A a...

10CVSS7.5AI score0.79797EPSS

Exploits6References4

Rapid7 Blog•added 2 days ago•15 views

CVE-2026-0826: How an Old Bug Can Feed AI-Powered Impersonation

One of the more persistent myths in security is that old bug classes become old problems. They don’t. They just show up in different places, under different conditions, and usually at the exact moment we’ve convinced ourselves not to pay attention to them. That’s part of what makes enterprise voi...

9.2CVSS6.3AI score0.00212EPSS

Exploits0

CNNVD•added 2026/05/01 12:0 a.m.•2 views

Solutions VoIP GSVoIP web panel 跨站脚本漏洞

Solutions VoIP GSVoIP web panel is a VoIP management interface from Solutions VoIP. A cross-site scripting vulnerability in the Solutions VoIP GSVoIP web panel version 2.0.90, which stems from improperly cleaned user input for the msg parameter in the /painel/gateways.php/error endpoint, could le...

6.1CVSS5.8AI score0.00049EPSS

Exploits1References1

vulnersOsv•added 2026/03/26 10:0 p.m.•2 views

mad-notifications (=6.0.0rc9), voicetest (>=0.20.0 <=0.42.0) +1 more potentially affected by unknown CVE via telnyx (=4.124.0)

telnyx PYPI version =4.124.0 is affected by a known vulnerability. The following packages have a transitive dependency on telnyx and may be impacted: - mad-notifications =6.0.0rc9 - voicetest =0.20.0, =0.4.0, =0.4.4 Source cves: unknown CVE Source advisory: SNYK:PYTHON-TELNYX-15790745...

5.8AI score

Exploits0

CVE•added 2026/02/11 8:49 p.m.•7 views

CVE-2020-37153

CVE-2020-37153 affects ASTPP 4.0.1. The vulnerability set includes cross-site scripting and command injection in the SIP device configuration and plugin management interfaces. Attackers could inject system commands, hijack administrator sessions, and potentially execute arbitrary code with root p...

9.8CVSS5.7AI score0.00176EPSS

Exploits1References4Affected Software1

Cvelist•added 2026/02/11 8:49 p.m.•19 views

CVE-2020-37153 ASTPP VoIP 4.0.1 - Remote Code Execution

ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin management interfaces. Attackers can exploit these flaws to inject system commands, hijack administrator sessions, and potentially execute arbitrary code with...

9.8CVSS0.00176EPSS

Exploits1References4

CNNVD•added 2026/02/11 12:0 a.m.•2 views

ASTPP 跨站脚本漏洞

ASTPP is a VoIP billing solution developed by Innextrix Technologies Pvt. Ltd. Version 4.0.1 of ASTPP contains a cross-site scripting vulnerability. This vulnerability stems from cross-site scripting and command injection vulnerabilities in the SIP device configuration and plugin management...

9.8CVSS5.9AI score0.00176EPSS

Exploits1References4

CVE•added 2026/01/29 6:6 p.m.•9 views

CVE-2025-15542

CVE-2025-15542 describes a DoS in VX800v v1.0’s SIP processing caused by improper handling of exceptional conditions. An attacker can flood the device with crafted INVITE messages, blocking all voice lines and disrupting incoming calls. The issue is documented across multiple sources (NVD/Red Hat...

6.3CVSS5.9AI score0.00139EPSS

Exploits0References2Affected Software1

CNNVD•added 2026/01/29 12:0 a.m.•1 views

TP-Link VX800v security vulnerability

The TP-Link VX800v is a VoIP gateway produced by the TP-Link company. The TP-Link VX800v 1.0 version has a security vulnerability. This vulnerability stems from improper parsing of USB HTTP access path links, which may allow custom USB devices to expose the contents of the root file system...

5.1CVSS5.8AI score0.00032EPSS

Exploits0References3

Fedora•added 2026/01/13 12:49 a.m.•4 views

[SECURITY] Fedora 43 Update: coturn-4.7.0-4.fc43

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

7.7CVSS7AI score0.0008EPSS

Exploits0