Skip to main content

Ip Office

5 CVEs product

Monthly

CVE-2024-4197 CRITICAL Act Now

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft File Upload Ip Office
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-4196 CRITICAL Act Now

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Ip Office
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2020-7030 MEDIUM POC This Month

A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Information Disclosure Ip Office
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
1.0%
CVE-2018-15610 HIGH This Week

A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Ip Office
NVD
CVSS 3.0
8.8
EPSS
1.8%
CVE-2017-11309 CRITICAL POC THREAT Emergency

Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 25.4%.

Buffer Overflow RCE Microsoft Ip Office
NVD Exploit-DB
CVSS 3.0
9.6
EPSS
25.4%
Threat
4.2
EPSS 1% CVSS 9.8
CRITICAL Act Now

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft File Upload +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Ip Office
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Information Disclosure +1
NVD Exploit-DB
EPSS 2% CVSS 8.8
HIGH This Week

A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Ip Office
NVD
EPSS 25% 4.2 CVSS 9.6
CRITICAL POC THREAT Emergency

Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 25.4%.

Buffer Overflow RCE Microsoft +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy