Vulnerabilities > Avaya > Aura Device Services > 7.0.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-19 | CVE-2023-3722 | Unrestricted Upload of File with Dangerous Type vulnerability in Avaya Aura Device Services An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. | 9.8 |
| 2021-06-25 | CVE-2021-25654 | Unspecified vulnerability in Avaya Aura Device Services An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. | 4.6 |