Lucene search
+L
MutareVoice

4 matches found

CVE
CVE
added 2021/02/16 3:44 a.m.71 views

CVE-2021-27233

Mutare Voice (EVM) 3.x before 3.3.8 has an information disclosure on the admin portal Settings.asp where password information for external systems is visible in cleartext. Affected component: admin UI/settings page. Root cause: cleartext exposure of credentials in the admin portal. Impact: confid...

4.9CVSS5.2AI score0.00511EPSS
CVE
CVE
added 2021/02/16 3:43 a.m.69 views

CVE-2021-27235

Mutare Voice (EVM) 3.x before 3.3.8 contains an insecure admin-portal export at diagzip.asp that allows unauthenticated users to export database tables. Root cause is a misconfigured export function without proper access controls, enabling potential data disclosure. Affected product: Mutare Voice...

4.9CVSS5.1AI score0.00822EPSS
CVE
CVE
added 2021/02/16 3:43 a.m.60 views

CVE-2021-27236

Mutare Voice (EVM) 3.x before 3.3.8 is affected. The issue is an Unauthenticated Local File Inclusion via getfile.asp that can be leveraged to achieve Remote Code Execution. Affected component: getfile.asp in Mutare Voice; root cause: unauthenticated LFI. Impact: allows remote code execution with...

9.8CVSS9.4AI score0.02061EPSS
CVE
CVE
added 2021/02/16 3:43 a.m.53 views

CVE-2021-27234

Mutare Voice (EVM) 3.x before 3.3.8 contains an SQL injection vulnerability in the web application, affecting Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp. The issue is caused by unsafe SQL query construction in the vulnerable pages. The connected sources do not prov...

9.8CVSS9.8AI score0.00979EPSS