Scaner-VSvulnerability catalog · v4.2

Home Catalog Sources CWE CAPEC ATT&CK Mitigations Products Vendors Docs

← Back to List

Audiocodes›Operating systemnvd

Mediant 500-mbsr Firmware

Vulnerabilities

2

Known exploited

0

Max CVSS

8.8

Top EPSS

0.0103

Severity breakdown

Critical

0

High

1

Medium

1

Low

0

Affected version ranges

f7.20a–f7.20a.202.307f7.20a–f7.20a.253

Also matched as (raw): mediant_500-mbsr_firmware

Top vulnerabilities

CVE-2019-9231An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions before 7.20A.202.307. A Cross-Site Request Forgery (CSRF) vulnerability in the management web interface allows remote attackers to execute malicious and unauthorized actions, because CSRFProtection=1 is not a default and is not documented.

CVE-2019-9230An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting (XSS) vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.

View vendor →Open in catalog with product filter →