Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alcatel-lucent vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-3920
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated malicious user to /GponForm/device_Form?script/.
Nokia I-240w-q Gpon Ont Firmware 3fe54567bozj19
7.2
CVSSv3
CVE-2019-20048
An issue exists on Alcatel-Lucent OmniVista 8770 devices prior to 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM.
Al-enterprise Omnivista 8770
8.8
CVSSv3
CVE-2019-3921
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated malicious user to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potential...
Nokia I-240w-q Gpon Ont Firmware 3fe54567bozj19
9.8
CVSSv3
CVE-2019-3922
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated malicious user to /GponForm/fsetup_Form. An attacker can leverage this vulnerability to potentially ...
Nokia I-240w-q Gpon Ont Firmware 3fe54567bozj19
NA
CVE-2024-29149
An issue exists in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of a time-of-check time-of-use vulnerability, an authenticated attacker is able to replace the verified firmware image with malici...
9.8
CVSSv3
CVE-2019-20049
An issue exists on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construc...
Al-enterprise Omnivista 4760
NA
CVE-2007-1189
Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the de...
Bell Labs Plan 9
1 EDB exploit
8
CVSSv3
CVE-2019-14260
On the Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP phone with firmware 1.50.13, a command injection (missing input validation) issue in the password change field for the Change Password interface allows an authenticated remote attacker in the same network to...
Al-enterprise 8008 Firmware 1.50.13
7.5
CVSSv3
CVE-2019-20047
An issue exists on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices prior to 4.1.2. An incorrect web server configuration allows a remote unauthenticated malicious user to retrieve the content of its own session files. Every session file contains the administrative LDAP cr...
Al-enterprise Omnivista 4760
Al-enterprise Omnivista 8770
NA
CVE-2024-29150
An issue exists in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of improper privilege management, an authenticated attacker is able to create symlinks to sensitive and protected data in location...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »