Unrated severityNVD Advisory· Published Jul 3, 2012· Updated Apr 29, 2026

CVE-2012-3811

Description

Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request.

Affected products

Avaya/Ip Office Customer Call Reporter2 versions
cpe:2.3:a:avaya:ip_office_customer_call_reporter:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:avaya:ip_office_customer_call_reporter:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office_customer_call_reporter:8.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

downloads.avaya.com/css/P8/documents/100164021nvdVendor Advisory
zerodayinitiative.com/advisories/ZDI-12-106/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.063
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000