Описание
A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Одновременно
Одно из
EPSS
6.8 Medium
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
Уязвимость микропрограммного обеспечения настольных телефонов Mitel серии 6900, связанная с ошибками авторизации, позволяющая нарушителю выполнить произвольный код
EPSS
6.8 Medium
CVSS3
7.2 High
CVSS2