Vulnerabilities > Akuvox > E11 Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-31 | CVE-2023-0343 | Use of Insufficiently Random Values vulnerability in Akuvox E11 Firmware Akuvox E11 contains a function that encrypts messages which are then forwarded. | 7.5 |
2023-03-31 | CVE-2023-0344 | Unspecified vulnerability in Akuvox E11 Firmware Akuvox E11 appears to be using a custom version of dropbear SSH server. | 7.5 |
2023-03-13 | CVE-2023-0345 | Unspecified vulnerability in Akuvox E11 Firmware The Akuvox E11 secure shell (SSH) server is enabled by default and can be accessed by the root user. | 9.8 |
2023-03-13 | CVE-2023-0346 | Unspecified vulnerability in Akuvox E11 Firmware Akuvox E11 cloud login is performed through an unencrypted HTTP connection. | 7.5 |
2023-03-13 | CVE-2023-0347 | Unspecified vulnerability in Akuvox E11 Firmware The Akuvox E11 Media Access Control (MAC) address, a primary identifier, combined with the Akuvox E11 IP address, could allow an attacker to identify the device on the Akuvox cloud. | 5.3 |
2023-03-13 | CVE-2023-0348 | Unspecified vulnerability in Akuvox E11 Firmware Akuvox E11 allows direct SIP calls. | 7.5 |
2023-03-13 | CVE-2023-0349 | Unspecified vulnerability in Akuvox E11 Firmware The Akuvox E11 libvoice library provides unauthenticated access to the camera capture for image and video. | 9.1 |
2023-03-13 | CVE-2023-0350 | Insufficient Verification of Data Authenticity vulnerability in Akuvox E11 Firmware Akuvox E11 does not ensure that a file extension is associated with the file provided. | 6.5 |
2023-03-13 | CVE-2023-0351 | Command Injection vulnerability in Akuvox E11 Firmware The Akuvox E11 web server backend library allows command injection in the device phone-book contacts functionality. | 8.8 |
2023-03-13 | CVE-2023-0352 | Unspecified vulnerability in Akuvox E11 Firmware The Akuvox E11 password recovery webpage can be accessed without authentication, and an attacker could download the device key file. | 9.1 |