Vulnerabilities > Avaya > Aura Device Services

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2023-3722 Unrestricted Upload of File with Dangerous Type vulnerability in Avaya Aura Device Services
An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file.
network
low complexity
avaya CWE-434
critical
9.8
2021-06-25 CVE-2021-25654 Unspecified vulnerability in Avaya Aura Device Services
An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts.
local
low complexity
avaya
7.8