← Back

A10w Firmware

a10w_firmware

Vendor: Atcom • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-12328
1Atcom
1A10w Firmware
Nov 21, 2024
Jul 22, 2019
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
A command injection (missing input validation) issue in the remote phonebook configuration URI in the web interface of the Atcom A10W VoIP phone with firmware 2.6.1a2421 allows an authenticated remote attacker in the sam...Show more
A command injection (missing input validation) issue in the remote phonebook configuration URI in the web interface of the Atcom A10W VoIP phone with firmware 2.6.1a2421 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request.Show less