Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alcatel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29149
An issue exists in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of a time-of-check time-of-use vulnerability, an authenticated attacker is able to replace the verified firmware image with malici...
6.8
CVSSv3
CVE-2019-16242
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the appl...
Alcatelmobile Cingular Flip 2 Firmware B9huah1
9.8
CVSSv3
CVE-2019-20049
An issue exists on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construc...
Al-enterprise Omnivista 4760
6.1
CVSSv3
CVE-2019-16243
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. (This web API is normally used by...
Alcatelmobile Cingular Flip 2 Firmware B9huah1
8
CVSSv3
CVE-2019-14260
On the Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP phone with firmware 1.50.13, a command injection (missing input validation) issue in the password change field for the Change Password interface allows an authenticated remote attacker in the same network to...
Al-enterprise 8008 Firmware 1.50.13
NA
CVE-2007-1189
Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the de...
Bell Labs Plan 9
1 EDB exploit
7.5
CVSSv3
CVE-2019-20047
An issue exists on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices prior to 4.1.2. An incorrect web server configuration allows a remote unauthenticated malicious user to retrieve the content of its own session files. Every session file contains the administrative LDAP cr...
Al-enterprise Omnivista 4760
Al-enterprise Omnivista 8770
6.8
CVSSv3
CVE-2019-16241
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication ...
Alcatelmobile Cingular Flip 2 Firmware B9huah1
7.8
CVSSv3
CVE-2018-14327
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" direc...
Ee Ee40vb Firmware
1 EDB exploit
NA
CVE-2024-29150
An issue exists in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of improper privilege management, an authenticated attacker is able to create symlinks to sensitive and protected data in location...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »