Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 prior to 7.0.5.8 Q1 2012 Maintenance Release and 8.0 prior to 8.0.9.13 Q1 2012 Maintenance Release allows remote malicious users to execute arbitrary code by uploading an executable file and then accessing it via a direct request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
avaya ip office customer call reporter 8.0 |
||
avaya ip office customer call reporter 7.0 |