Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mivoice vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-10377
A weak encryption vulnerability in Mitel MiVoice Connect Client prior to 214.100.1214.0 could allow an unauthenticated malicious user to gain access to user credentials. A successful exploit could allow an malicious user to access the system with compromised user credentials.
Mitel Mivoice Connect Client
Mitel Mivoice Connect
605
VMScore
CVE-2022-31784
A vulnerability in the management interface of MiVoice Business up to and including 9.3 PR1 and MiVoice Business Express up to and including 8.0 SP3 PR3 could allow an unauthenticated attacker (that has network access to the management interface) to conduct a buffer overflow atta...
Mitel Mivoice Business
Mitel Mivoice Business Express
NA
CVE-2023-25599
A vulnerability in the conferencing component of Mitel MiVoice Connect up to and including 19.3 SP2, 22.24.1500.0 could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the test_presenter.php page....
Mitel Mivoice Connect
Mitel Mivoice Connect 19.3
668
VMScore
CVE-2020-10211
A remote code execution vulnerability in UCB component of Mitel MiVoice Connect prior to 19.1 SP1 could allow an unauthenticated remote malicious user to execute arbitrary scripts due to insufficient validation of URL parameters. A successful exploit could allow an malicious user...
Mitel Mivoice Connect Client
Mitel Mivoice Connect
NA
CVE-2022-40765
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect up to and including 19.3 (22.22.6100.0) could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters.
Mitel Mivoice Connect
Mitel Mivoice Connect 19.3
NA
CVE-2022-41223
The Director database component of MiVoice Connect up to and including 19.3 (22.22.6100.0) could allow an authenticated malicious user to conduct a code-injection attack via crafted data due to insufficient restrictions on the database data type.
Mitel Mivoice Connect
Mitel Mivoice Connect 19.3
427
VMScore
CVE-2020-27640
The Bluetooth handset of Mitel MiVoice 6940 and 6930 MiNet phones with firmware prior to 1.5.3 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A successful...
Mitel Mivoice 6940 Firmware
Mitel Mivoice 6930 Firmware
NA
CVE-2023-39292
A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller up to and including 1.2.5.23 which could allow a malicious actor to access sensitive information and execute arbitrary database and management operations.
Mitel Mivoice Office 400
Mitel Mivoice Office 400 Smb Controller Firmware
NA
CVE-2023-39293
A Command Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller up to and including 1.2.5.23 which could allow a malicious actor to execute arbitrary commands within the context of the system.
Mitel Mivoice Office 400
Mitel Mivoice Office 400 Smb Controller Firmware
NA
CVE-2023-39285
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect up to and including 19.3 SP3 (22.24.5800.0) could allow an unauthenticated malicious user to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit coul...
Mitel Mivoice Connect
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »