Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv2
CVE-2020-27639
The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP phones with firmware prior to 5.1.0.SP6 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A ...
Mitel 6873i Sip Firmware
Mitel 6873i Sip Firmware 5.1.0
Mitel 6930 Sip Firmware
Mitel 6930 Sip Firmware 5.1.0
Mitel 6940 Sip Firmware
Mitel 6940 Sip Firmware 5.1.0
4.8
CVSSv2
CVE-2020-27640
The Bluetooth handset of Mitel MiVoice 6940 and 6930 MiNet phones with firmware prior to 1.5.3 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A successful...
Mitel Mivoice 6940 Firmware
Mitel Mivoice 6930 Firmware
4.3
CVSSv2
CVE-2020-25606
The AWV component of Mitel MiCollab prior to 9.2 could allow an malicious user to view system information by sending arbitrary code due to improper input validation, aka XSS.
Mitel Micollab
6.5
CVSSv2
CVE-2020-25608
The SAS portal of Mitel MiCollab prior to 9.2 could allow an malicious user to access user credentials due to improper input validation, aka SQL Injection.
Mitel Micollab
3.5
CVSSv2
CVE-2020-25609
The NuPoint Messenger Portal of Mitel MiCollab prior to 9.2 could allow an authenticated malicious user to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an malicious user to view and modify user data.
Mitel Micollab
4
CVSSv2
CVE-2020-25612
The NuPoint Messenger of Mitel MiCollab prior to 9.2 could allow an attacker with escalated privilege to access user files due to insufficient access control. Successful exploit could potentially allow an malicious user to gain access to sensitive information.
Mitel Micollab
4.3
CVSSv2
CVE-2020-28351
The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due to insufficient validation for the time_zone object in the HOME_MEETING&am...
Mitel Shoretel Firmware 19.46.1802.0
1 Github repository
3.6
CVSSv2
CVE-2020-24692
The Ignite portal in Mitel MiContact Center Business prior to 9.3.0.0 could allow an malicious user to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an malicious user to gain access to a user session.
Mitel Micontact Center Business
5
CVSSv2
CVE-2020-24592
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
6.5
CVSSv2
CVE-2020-24593
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow a remote malicious user to conduct a SQL Injection attack and access user credentials due to improper input validation.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »