Unrated severityNVD Advisory· Published Jul 22, 2019· Updated Aug 4, 2024
CVE-2019-12326
CVE-2019-12326
Description
Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload (shell commands within the file) and trigger code execution.
Affected products
2- Akuvox/R50P VoIP phonedescription
- Range: 50.0.6.156
Patches
Vulnerability mechanics
References
1- www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Akuvox_R50P.pdfmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.