Vulnerabilities > Akuvox > SP R50P Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-07-22 CVE-2019-12327 Use of Hard-coded Credentials vulnerability in Akuvox Sp-R50P Firmware 50.0.6.156
Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet.
network
low complexity
akuvox CWE-798
critical
9.8
2019-07-22 CVE-2019-12326 Unrestricted Upload of File with Dangerous Type vulnerability in Akuvox Sp-R50P Firmware 50.0.6.156
Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload (shell commands within the file) and trigger code execution.
network
low complexity
akuvox CWE-434
critical
9.8