Vulnerabilities > Akuvox

DATE CVE VULNERABILITY TITLE RISK
2023-03-31 CVE-2023-0343 Use of Insufficiently Random Values vulnerability in Akuvox E11 Firmware
Akuvox E11 contains a function that encrypts messages which are then forwarded.
network
low complexity
akuvox CWE-330
7.5
2023-03-31 CVE-2023-0344 Unspecified vulnerability in Akuvox E11 Firmware
Akuvox E11 appears to be using a custom version of dropbear SSH server.
network
low complexity
akuvox
7.5
2023-03-13 CVE-2023-0345 Unspecified vulnerability in Akuvox E11 Firmware
The Akuvox E11 secure shell (SSH) server is enabled by default and can be accessed by the root user.
network
low complexity
akuvox
critical
9.8
2023-03-13 CVE-2023-0346 Unspecified vulnerability in Akuvox E11 Firmware
Akuvox E11 cloud login is performed through an unencrypted HTTP connection.
network
low complexity
akuvox
7.5
2023-03-13 CVE-2023-0347 Unspecified vulnerability in Akuvox E11 Firmware
The Akuvox E11 Media Access Control (MAC) address, a primary identifier, combined with the Akuvox E11 IP address, could allow an attacker to identify the device on the Akuvox cloud.
network
low complexity
akuvox
5.3
2023-03-13 CVE-2023-0348 Unspecified vulnerability in Akuvox E11 Firmware
Akuvox E11 allows direct SIP calls.
network
low complexity
akuvox
7.5
2023-03-13 CVE-2023-0349 Unspecified vulnerability in Akuvox E11 Firmware
The Akuvox E11 libvoice library provides unauthenticated access to the camera capture for image and video.
network
low complexity
akuvox
critical
9.1
2023-03-13 CVE-2023-0350 Insufficient Verification of Data Authenticity vulnerability in Akuvox E11 Firmware
Akuvox E11 does not ensure that a file extension is associated with the file provided.
network
low complexity
akuvox CWE-345
6.5
2023-03-13 CVE-2023-0351 Command Injection vulnerability in Akuvox E11 Firmware
The Akuvox E11 web server backend library allows command injection in the device phone-book contacts functionality.
network
low complexity
akuvox CWE-77
8.8
2023-03-13 CVE-2023-0352 Unspecified vulnerability in Akuvox E11 Firmware
The Akuvox E11 password recovery webpage can be accessed without authentication, and an attacker could download the device key file.
network
low complexity
akuvox
critical
9.1