Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-32072
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful exploit could allow an malicious user to view source cod...
Mitel Micollab
6.1
CVSSv3
CVE-2020-25611
The AWV portal of Mitel MiCollab prior to 9.2 could allow an malicious user to gain access to conference information by sending arbitrary code due to improper input validation, aka XSS. Successful exploitation could allow an malicious user to view user conference information.
Mitel Micollab
9.1
CVSSv3
CVE-2020-35547
A library index page in NuPoint Messenger in Mitel MiCollab prior to 9.2 FP1 could allow an unauthenticated malicious user to gain access (view and modify) to user data.
Mitel Micollab
6.8
CVSSv3
CVE-2022-29854
A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and previous versions, could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during syst...
Mitel Minet Firmware
8.8
CVSSv3
CVE-2022-36451
A vulnerability in the MiCollab Client server component of Mitel MiCollab up to and including 9.5.0.101 could allow an authenticated malicious user to conduct a Server-Side Request Forgery (SSRF) attack due to insufficient restriction of URL parameters. A successful exploit could...
Mitel Micollab
6.1
CVSSv3
CVE-2020-27340
The online help portal of Mitel MiCollab prior to 9.2 could allow an malicious user to redirect a user to an unauthorized website by executing malicious script due to insufficient access control.
Mitel Micollab
5.9
CVSSv3
CVE-2023-25597
A vulnerability in the web conferencing component of Mitel MiCollab up to and including 9.6.2.9 could allow an unauthenticated malicious user to download a shared file via a crafted request - including the exact path and filename - due to improper authentication control. A succes...
Mitel Micollab
6.1
CVSSv3
CVE-2018-12901
A vulnerability in the conferencing component of Mitel ST 14.2, versions GA29 (19.49.9400.0) and previous versions, could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the signin.php page. A suc...
Mitel St Firmware
9.8
CVSSv3
CVE-2022-41326
The web conferencing component of Mitel MiCollab up to and including 9.6.0.13 could allow an unauthenticated malicious user to upload arbitrary scripts due to improper authorization controls. A successful exploit could allow remote code execution within the context of the applica...
Mitel Micollab
9.8
CVSSv3
CVE-2022-36452
A vulnerability in the web conferencing component of Mitel MiCollab up to and including 9.5.0.101 could allow an unauthenticated malicious user to upload malicious files. A successful exploit could allow an malicious user to execute arbitrary code within the context of the applic...
Mitel Micollab
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »