Skip to main content

Faxfinder

2 CVEs product

Monthly

CVE-2018-17562 HIGH POC This Week

Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Faxfinder
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2016-10512 CRITICAL Act Now

MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Faxfinder
NVD
CVSS 3.0
9.8
EPSS
0.4%
EPSS 1% CVSS 7.5
HIGH POC This Week

Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Faxfinder
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Faxfinder
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy