Zenitel: Security Vulnerabilities
This vulnerability allows authenticated attackers to execute arbitrary commands on the underlying system using the file name of an uploaded file.
CVSS Score
10.0
EPSS Score
0.001
Published
2026-02-04
This vulnerability allows authenticated attackers to execute commands via the hostname of the device.
CVSS Score
10.0
EPSS Score
0.001
Published
2026-01-09
This vulnerability allows authenticated attackers to execute commands via the NTP-configuration of the device.
CVSS Score
8.6
EPSS Score
0.001
Published
2026-01-09
This vulnerability allows unauthenticated attackers to inject an SQL request into GET request parameters and directly query the underlying database.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-01-09
Remote Code Execution vulnerability that allows unauthenticated attackers to inject arbitrary commands into the hostname of the device.
CVSS Score
10.0
EPSS Score
0.001
Published
2026-01-09
The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory.
CVSS Score
8.8
EPSS Score
0.27
Published
2021-09-15
Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected XSS via the goform/ PATH_INFO.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-12-06
Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS via the Display Name for Station Status or Account Settings, related to the goform/zForm_save_changes sip_nick parameter. The password of alphaadmin for the admin account may be used for authentication in some cases.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-12-06