Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.8 views

CVE-2023-43744

An OS command injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an administrator to execute arbitrary OS commands via a file name parameter in a patch application function. The Zult...

7.2CVSS8.3AI score0.01988EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.4 views

CVE-2023-43743

A SQL injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an authenticated attacker to execute arbitrary SQL queries on the backend database via the filter parameter in requests to th...

8.8CVSS8.3AI score0.00687EPSS
Exploits0References1
OSV
OSV
added 2023/12/08 1:15 a.m.2 views

CVE-2023-43743

A SQL injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an authenticated attacker to execute arbitrary SQL queries on the backend database via the filter parameter in requests to th...

8.8CVSS6AI score0.00687EPSS
Exploits0References2
NVD
NVD
added 2023/12/08 1:15 a.m.28 views

CVE-2023-43743

A SQL injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an authenticated attacker to execute arbitrary SQL queries on the backend database via the filter parameter in requests to th...

8.8CVSS0.00687EPSS
Exploits0References2
Prion
Prion
added 2023/12/08 1:15 a.m.17 views

Command injection

An OS command injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an administrator to execute arbitrary OS commands via a file name parameter in a patch application function. The Zult...

5.8CVSS8.6AI score0.01988EPSS
Exploits0References2Affected Software6
Prion
Prion
added 2023/12/08 1:15 a.m.21 views

Authentication flaw

An authentication bypass in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an unauthenticated attacker to obtain an administrative session via a protection mechanism failure in the authentication function...

7.5CVSS7.7AI score0.00924EPSS
Exploits0References1Affected Software6
Prion
Prion
added 2023/12/08 1:15 a.m.14 views

Sql injection

A SQL injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an authenticated attacker to execute arbitrary SQL queries on the backend database via the filter parameter in requests to th...

6.5CVSS8.6AI score0.00687EPSS
Exploits0References2Affected Software6
Vulnrichment
Vulnrichment
added 2023/12/08 12:0 a.m.2 views

CVE-2023-43743

A SQL injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an authenticated attacker to execute arbitrary SQL queries on the backend database via the filter parameter in requests to th...

8.2AI score0.00687EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/08 12:0 a.m.4 views

Zultys MX Series Security Vulnerability

Zultys MX Series is a series of IP phones from Zultys Corporation in the United States. A security vulnerability exists in Zultys MX Series that originates from an operating system command injection attack that allows a remote, authenticated user to execute the attack...

7.2CVSS7.3AI score0.01988EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/08 12:0 a.m.5 views

Zultys MX Series Security Vulnerability

Zultys MX Series is a series of IP phones from Zultys USA. A security vulnerability exists in Zultys MX Series, which stems from a susceptibility to authentication bypass, allowing an attacker to gain full administrative access without valid credentials...

9.8CVSS9.6AI score0.00924EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/12/08 12:0 a.m.18 views

CVE-2023-43743

A SQL injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an authenticated attacker to execute arbitrary SQL queries on the backend database via the filter parameter in requests to th...

9.1AI score0.00687EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/08 12:0 a.m.7 views

Zultys MX Series Security Vulnerability

Zultys MX Series is a series of IP phones from Zultys USA. A security vulnerability exists in Zultys MX Series that stems from susceptibility to SQL injection attacks...

8.8CVSS9AI score0.00687EPSS
Exploits0References3
Rows per page
Query Builder