Audiocodes 420HD IP Phone Firmware 3.0.0.535.106
Approved changes feed: RSS · Atom
cpe:2.3:o:audiocodes:420hd_ip_phone_firmware:3.0.0.535.106:*:*:*:*:*:*:*
part: o version: 3.0.0.535.106 update: *
| Vendor | Audiocodes (c9d739e3-388b-5111-9d13-7f2977972a70) |
|---|---|
| Product | 420Hd Ip Phone Firmware (123a3839-e036-5454-98ec-31d595895653) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-5757 |
vulnerable | 2026-06-03 14:38:58.561612 |
Details available
An issue was discovered on AudioCodes 450HD IP Phone devices with firmware 3.0.0.535.106. The traceroute and ping functionality, which uses a parameter in a request to command.cgi from the Monitoring page in the web UI, unsafely puts user-alterable data directly into an OS command, leading to Remote Code Execution via shell metacharacters in the query string.
Published: 2019-04-01T16:17:30.000Z
Updated: 2024-08-05T05:40:51.350Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.