Vulnerabilities (CVE)

Filtered by vendor Audiocodes Subscribe
Filtered by product Mediant 500l-msbr
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-9231 1 Audiocodes 8 Mediant 500-mbsr, Mediant 500-mbsr Firmware, Mediant 500l-msbr and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions before 7.20A.202.307. A Cross-Site Request Forgery (CSRF) vulnerability in the management web interface allows remote attackers to execute malicious and unauthorized actions, because CSRFProtection=1 is not a default and is not documented.
CVE-2019-9230 1 Audiocodes 8 Mediant 500-mbsr, Mediant 500-mbsr Firmware, Mediant 500l-msbr and 5 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting (XSS) vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.