Critical severity9.8NVD Advisory· Published May 29, 2023· Updated Jun 17, 2026
CVE-2022-24629
CVE-2022-24629
Description
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. Remote code execution can be achieved via directory traversal in the dir parameter of the file upload functionality of BrowseFiles.php. An attacker can upload a .php file to WebAdmin/admin/AudioCodes_files/ajax/.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- AudioCodes/Device Manager Expressdescription
- Range: <=7.8.20002.47752
Patches
Vulnerability mechanics
References
1- seclists.org/fulldisclosure/2023/Feb/12nvdExploitMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.