Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alcatel vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2019-16242
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the appl...
Alcatelmobile Cingular Flip 2 Firmware B9huah1
10
CVSSv2
CVE-2019-20049
An issue exists on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construc...
Al-enterprise Omnivista 4760
7.2
CVSSv2
CVE-2007-1189
Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the de...
Bell Labs Plan 9
1 EDB exploit
7.7
CVSSv2
CVE-2019-14260
On the Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP phone with firmware 1.50.13, a command injection (missing input validation) issue in the password change field for the Change Password interface allows an authenticated remote attacker in the same network to...
Al-enterprise 8008 Firmware 1.50.13
4.3
CVSSv2
CVE-2019-16243
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. (This web API is normally used by...
Alcatelmobile Cingular Flip 2 Firmware B9huah1
5
CVSSv2
CVE-2019-20047
An issue exists on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices prior to 4.1.2. An incorrect web server configuration allows a remote unauthenticated malicious user to retrieve the content of its own session files. Every session file contains the administrative LDAP cr...
Al-enterprise Omnivista 4760
Al-enterprise Omnivista 8770
4.6
CVSSv2
CVE-2019-16241
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication ...
Alcatelmobile Cingular Flip 2 Firmware B9huah1
9.3
CVSSv2
CVE-2018-14327
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" direc...
Ee Ee40vb Firmware
1 EDB exploit
10
CVSSv2
CVE-2011-2738
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor prior to 8.6, as used in Unified Operations Manager prior to 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x prior to 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ioni...
Cisco Unified Service Monitor 8.0
Cisco Unified Service Monitor
Cisco Unified Service Monitor 2.0.1
Cisco Unified Service Monitor 2.2
Cisco Unified Service Monitor 2.3
Cisco Unified Service Monitor 2.0
Cisco Unified Service Monitor 2.1
Cisco Unified Service Monitor 1.1
Cisco Unified Operations Manager 2.0.2
Cisco Unified Operations Manager 2.0.3
Cisco Ciscoworks Lan Management Solution 3.0
Cisco Ciscoworks Lan Management Solution 3.2
Cisco Unified Operations Manager 1.1
Cisco Unified Operations Manager 2.3
Cisco Unified Operations Manager 8.0
Cisco Ciscoworks Lan Management Solution 4.0
Cisco Ciscoworks Lan Management Solution 4.0.1
Cisco Unified Operations Manager 2.0
Cisco Unified Operations Manager 2.0.1
Cisco Unified Operations Manager
Cisco Unified Operations Manager 1.0
Cisco Unified Operations Manager 2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6