Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
audiocodes vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-22955
An issue exists on AudioCodes VoIP desk phones up to and including 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher ...
Audiocodes C470hd Firmware
Audiocodes C455hd Firmware
Audiocodes C435hd Firmware
Audiocodes 445hd Firmware
Audiocodes 405hd Firmware
Audiocodes C450hd Firmware
NA
CVE-2023-22956
An issue exists on AudioCodes VoIP desk phones up to and including 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information.
Audiocodes C470hd Firmware
Audiocodes C455hd Firmware
Audiocodes C435hd Firmware
Audiocodes 445hd Firmware
Audiocodes 405hd Firmware
Audiocodes C450hd Firmware
NA
CVE-2023-22957
An issue exists in libac_des3.so on AudioCodes VoIP desk phones up to and including 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., t...
Audiocodes C470hd Firmware
Audiocodes C455hd Firmware
Audiocodes C435hd Firmware
Audiocodes 445hd Firmware
Audiocodes 405hd Firmware
Audiocodes C450hd Firmware
605
VMScore
CVE-2019-9231
An issue exists on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions prior to 7.20A.202.307. A Cross-Site Request Forgery (CSRF) vulnerability in the management web interface allows remote malicious users to execute malicious and unau...
Audiocodes Mediant 500l-msbr Firmware
Audiocodes Mediant 500-mbsr Firmware
Audiocodes Mediant M800b-msbr Firmware
Audiocodes Mediant 800c-msbr Firmware
445
VMScore
CVE-2019-9228
An issue exists on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A at least to 7.20A.252.062. The (1) management SSH and (2) management TELNET features allow remote malicious users to cause a denial of service (connection slo...
Audiocodes Median 500l-msbr Firmware
Audiocodes Median 500-msbr Firmware
Audiocodes Median M800b-msbr Firmware
Audiocodes Median 800c-msbr Firmware
516
VMScore
CVE-2019-9229
An issue exists on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.251. An internal interface exposed to the link-local address 169.254.254.253 allows attackers in the local network to access multiple quagga VTYs. A...
Audiocodes Median 500l-msbr Firmware
Audiocodes Median 500-msbr Firmware
Audiocodes Median M800b-msbr Firmware
Audiocodes Median 800c-msbr Firmware
383
VMScore
CVE-2019-9230
An issue exists on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting (XSS) vulnerability in the search function of the management web interface allows remote malicious users to inject arbit...
Audiocodes Mediant 500l-msbr Firmware
Audiocodes Mediant 500-mbsr Firmware
Audiocodes Mediant M800b-msbr Firmware
Audiocodes Mediant 800c-msbr Firmware
383
VMScore
CVE-2018-18567
AudioCodes 440HD and 450HD devices 3.1.2.89 and previous versions allows man-in-the-middle malicious users to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.
Audiocodes 440hd Firmware
Audiocodes 450hd Firmware
685
VMScore
CVE-2018-16216
A command injection (missing input validation, escaping) in the monitoring or memory status web interface in AudioCodes 405HD (firmware 2.2.12) VoIP phone allows an authenticated remote attacker in the same network as the device to trigger OS commands (like starting telnetd or op...
Audiocodes 405hd Firmware 2.2.12
294
VMScore
CVE-2018-16219
A missing password verification in the web interface in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows an remote attacker (in the same network as the device) to change the admin password without authentication via a POST request.
Audiocodes 405hd Firmware 2.2.12
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »