Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2017-16250
A vulnerability in Mitel ST 14.2, release GA28 and previous versions, could allow an malicious user to use the API function to enumerate through user-ids which could be used to identify valid user ids and associated user names.
Mitel St14.2
801
VMScore
CVE-2017-16251
A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and previous versions, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. Successful exploit could allow an malicious user to execute arbitr...
Mitel St14.2
1 Github repository
641
VMScore
CVE-2022-29854
A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and previous versions, could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during syst...
Mitel Minet Firmware
383
VMScore
CVE-2020-13767
The Mitel MiCollab application prior to 9.1.332 for iOS could allow an unauthorized user to access restricted files and folders due to insufficient access control. An exploit requires a rooted iOS device, and (if successful) could allow an malicious user to gain access to sensiti...
Mitel Micollab
516
VMScore
CVE-2020-27340
The online help portal of Mitel MiCollab prior to 9.2 could allow an malicious user to redirect a user to an unauthorized website by executing malicious script due to insufficient access control.
Mitel Micollab
NA
CVE-2023-39285
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect up to and including 19.3 SP3 (22.24.5800.0) could allow an unauthenticated malicious user to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit coul...
Mitel Mivoice Connect
NA
CVE-2023-39287
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect up to and including 19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sani...
Mitel Mivoice Connect
NA
CVE-2023-39288
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect up to and including 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sani...
Mitel Mivoice Connect
NA
CVE-2023-39289
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect up to and including 9.6.2208.101 could allow an unauthenticated malicious user to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an malicious u...
Mitel Mivoice Connect
NA
CVE-2023-39290
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an ma...
Mitel Mivoice Connect
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »