Skip to main content

Next Generation Communication Platform

4 CVEs product

Monthly

CVE-2024-28345 MEDIUM POC This Month

An issue discovered in Sipwise C5 NGCP Dashboard below mr11.5.1 allows a low privileged user to access the Journal endpoint by directly visit the URL. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Next Generation Communication Platform
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-28344 LOW POC Monitor

An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Open Redirect Next Generation Communication Platform
NVD
CVSS 3.1
3.1
EPSS
0.5%
CVE-2021-31584 HIGH POC This Week

Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGCP CE mr3.8.13 allows call/click2dial CSRF attacks for actions with administrative privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Next Generation Communication Platform
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-31583 MEDIUM POC This Month

Sipwise C5 NGCP WWW Admin version 3.6.7 up to and including platform version NGCP CE 3.0 has multiple authenticated stored and reflected XSS vulnerabilities when input passed via several parameters. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Next Generation Communication Platform
NVD
CVSS 3.1
5.4
EPSS
1.1%
EPSS 0% CVSS 5.5
MEDIUM POC This Month

An issue discovered in Sipwise C5 NGCP Dashboard below mr11.5.1 allows a low privileged user to access the Journal endpoint by directly visit the URL. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Next Generation Communication Platform
NVD
EPSS 0% CVSS 3.1
LOW POC Monitor

An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Open Redirect Next Generation Communication Platform
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGCP CE mr3.8.13 allows call/click2dial CSRF attacks for actions with administrative privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Next Generation Communication Platform
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Sipwise C5 NGCP WWW Admin version 3.6.7 up to and including platform version NGCP CE 3.0 has multiple authenticated stored and reflected XSS vulnerabilities when input passed via several parameters. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Next Generation Communication Platform
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy