CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-16219

A missing password verification in the web interface in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows an remote attacker (in the same network as the device) to change the admin password without authentication via a POST request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.3%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 3.3

References

https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_AudioCodes_405HD.pdf
https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_AudioCodes_405HD.pdf

Products affected by CVE-2018-16219

Audiocodes » 405hd » Version: N/A

cpe:2.3:h:audiocodes:405hd:-
Audiocodes » 405hd Firmware » Version: 2.2.12

cpe:2.3:o:audiocodes:405hd_firmware:2.2.12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-16219

Products

Pricing

Contact Us