VYPR
Unrated severityNVD Advisory· Published Jul 22, 2019· Updated Aug 4, 2024

CVE-2019-12326

CVE-2019-12326

Description

Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload (shell commands within the file) and trigger code execution.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.