SB2019072217 - Multiple vulnerabilities in Akuvox R50P VoIP phone

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019072217

SB2019072217 - Multiple vulnerabilities in Akuvox R50P VoIP phone

Published: July 22, 2019 Updated: November 20, 2019

Security Bulletin ID SB2019072217
Severity
High
Patch available
NO
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 33% Medium 67%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Command Injection (CVE-ID: CVE-2019-12324)

The vulnerability allows a remote attacker to execute arbitrary commands on the target system. 
The vulnerability exists due to a lack of input validation in the IP address field for the logging server in the configuration web interface. A remote authenticated attacker can trigger OS commands via shell metacharacters in a POST request.



2) Arbitrary file upload (CVE-ID: CVE-2019-12326)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to missing file and path validation in the ringtone upload function. A remote authenticated attacker can upload a manipulated ringtone file with an executable payload (shell commands within the file) and trigger code execution.


3) Use of hard-coded credentials (CVE-ID: CVE-2019-12327)

The vulnerability allows a remote attacker to gain full access to vulnerable device.

The vulnerability exists due to presence of hard-coded credentials in application code. A remote authenticated attacker can get access to the device via telnet running on port 23.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable device.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References