Vulnerabilities > NEC > Sv9100 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-29 | CVE-2019-20029 | Unspecified vulnerability in NEC products An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices. | 8.8 |
| 2020-07-29 | CVE-2019-20028 | Unspecified vulnerability in NEC products Aspire-derived NEC PBXes operating InMail software, including all versions of SV8100, SV9100, SL1100 and SL2100 devices allow unauthenticated read-only access to voicemails, greetings, and voice response system content through a system's WebPro administration interface. | 7.5 |
| 2020-07-29 | CVE-2019-20026 | Unspecified vulnerability in NEC Sv9100 Firmware 7.0 The WebPro interface in NEC SV9100 software releases 7.0 or higher allows unauthenticated remote attackers to reset all existing usernames and passwords to default values via a crafted request. | 7.5 |