Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Avaya IP Office Web Control RCE Vulnerability
Vulnerability Description
An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
无充分访问控制条件下暴露IOCTL
Vulnerability Title
Avaya IP Office 安全漏洞
Vulnerability Description
Avaya IP Office是美国亚美亚(Avaya)公司的一套小型商务电话系统。 Avaya IP Office 11.1.3.1 之前版本存在安全漏洞,该漏洞源于允许通过对 Web 控制组件进行特制的 Web 请求来执行远程命令或代码。
CVSS Information
N/A
Vulnerability Type
N/A