Vendor CVEs
Alcatel Lucent
All CVEs
60 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-3010 | Cri | 0.86 | 9.8 | 0.97 | KEV | Sep 18, 2007 | masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action. | |
| CVE-2016-9796 | Cri | 0.68 | 9.8 | 0.13 | Dec 3, 2016 | Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024. An attacker can bypass authentication, and OmniVista invokes methods (AddJobSet, AddJob, and ExecuteNow) that can be used to run… | ||
| CVE-2024-29150 | Hig | 0.57 | 8.8 | 0.00 | May 7, 2024 | An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of improper privilege management, an authenticated attacker is able to create symlinks to sensitive and protected data in… | ||
| CVE-2018-14327 | Hig | 0.54 | 7.8 | 0.04 | Sep 26, 2018 | The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" directories, which… | ||
| CVE-2015-6498 | Hig | 0.49 | 7.5 | 0.02 | Aug 9, 2017 | Alcatel-Lucent Home Device Manager before 4.1.10, 4.2.x before 4.2.2 allows remote attackers to spoof and make calls as target devices. | ||
| CVE-2024-29149 | Hig | 0.48 | 7.4 | 0.00 | May 7, 2024 | An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of a time-of-check time-of-use vulnerability, an authenticated attacker is able to replace the verified firmware image… | ||
| CVE-2026-44861 | Hig | 0.47 | 7.2 | 0.00 | May 12, 2026 | SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted… | ||
| CVE-2018-6597 | Med | 0.44 | 6.8 | 0.01 | Aug 29, 2018 | The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the… | ||
| CVE-2025-37139 | Med | 0.39 | 6.0 | 0.00 | Oct 14, 2025 | A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected… | ||
| CVE-2015-8687 | Med | 0.35 | 5.4 | 0.01 | Mar 23, 2017 | Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Alcatel-Lucent Motive Home Device Manager (HDM) before 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceTypeID parameter to DeviceType/getDeviceType.do; the (2)… | ||
| CVE-2008-1331 | 0.04 | — | 0.09 | Apr 2, 2008 | cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter. | |||
| CVE-2019-3921 | 0.03 | — | 0.18 | Mar 5, 2019 | The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potentially… | |||
| CVE-2015-2805 | 0.03 | — | 0.03 | Jun 16, 2015 | Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, and 6860 with firmware 6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02,… | |||
| CVE-2007-5190 | 0.03 | — | 0.02 | Oct 22, 2007 | Multiple cross-site scripting (XSS) vulnerabilities in Alcatel OmniVista 4760 R4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the action parameter to php-bin/Webclient.php or (2) the Langue parameter to the default URI. | |||
| CVE-2019-20049 | 0.02 | — | 0.13 | Dec 27, 2019 | An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the… | |||
| CVE-2019-20048 | 0.01 | — | 0.06 | Dec 27, 2019 | An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM. | |||
| CVE-2019-3919 | 0.01 | — | 0.04 | Mar 5, 2019 | The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/usb_restore_Form?script/. | |||
| CVE-2019-3920 | 0.01 | — | 0.04 | Mar 5, 2019 | The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/device_Form?script/. | |||
| CVE-2019-3922 | 0.01 | — | 0.05 | Mar 5, 2019 | The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponForm/fsetup_Form. An attacker can leverage this vulnerability to potentially… | |||
| CVE-2008-4383 | 0.01 | — | 0.08 | Oct 3, 2008 | Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01,… | |||
| CVE-2021-31795 | 0.00 | — | 0.00 | Apr 24, 2021 | The PowerVR GPU kernel driver in pvrsrvkm.ko through 2021-04-24 for the Linux kernel, as used on Alcatel 1S phones, allows attackers to overwrite heap memory via PhysmemNewRamBackedPMR. | |||
| CVE-2014-3809 | 0.00 | — | 0.01 | Jan 31, 2020 | Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html. | |||
| CVE-2019-20047 | 0.00 | — | 0.03 | Dec 27, 2019 | An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP… | |||
| CVE-2019-16241 | 0.00 | — | 0.00 | Nov 26, 2019 | On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication… | |||
| CVE-2019-16243 | 0.00 | — | 0.01 | Nov 26, 2019 | On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. (This web API is normally used by the… | |||
| CVE-2019-16242 | 0.00 | — | 0.01 | Nov 26, 2019 | On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the… | |||
| CVE-2019-7163 | 0.00 | — | 0.02 | Aug 2, 2019 | The web interface of Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 devices is vulnerable to an authentication bypass that allows an unauthenticated user to have access to the web interface without knowing the administrator's password. | |||
| CVE-2019-3918 | 0.00 | — | 0.02 | Mar 5, 2019 | The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces. | |||
| CVE-2019-3917 | 0.00 | — | 0.02 | Mar 5, 2019 | The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote, unauthenticated attacker to enable telnetd on the router via a crafted HTTP request. | |||
| CVE-2015-4586 | 0.00 | — | 0.01 | Jun 23, 2015 | Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for requests that create a user account via an add_user action in a request to… | |||
| CVE-2015-4587 | 0.00 | — | 0.01 | Jun 18, 2015 | Cross-site scripting (XSS) vulnerability in the Alcatel-Lucent CellPipe 7130 router with firmware 1.0.0.20h.HOL allows remote attackers to inject arbitrary web script or HTML via the "Custom application" field in the "port triggering" menu. | |||
| CVE-2015-2804 | 0.00 | — | 0.02 | Jun 16, 2015 | The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware before 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02 generates weak session identifiers, which allows remote attackers to hijack arbitrary sessions via a brute force… | |||
| CVE-2013-4653 | 0.00 | — | 0.01 | Aug 20, 2013 | Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server… | |||
| CVE-2011-4505 | 0.00 | — | 0.01 | Nov 22, 2011 | The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware before 6.2.29 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. | |||
| CVE-2011-0345 | 0.00 | — | 0.01 | Mar 8, 2011 | Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, related to the lang variable. | |||
| CVE-2011-0344 | 0.00 | — | 0.02 | Mar 8, 2011 | Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code… | |||
| CVE-2010-3281 | 0.00 | — | 0.02 | Sep 23, 2010 | Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service (service crash) via a long request. | |||
| CVE-2010-3280 | 0.00 | — | 0.01 | Sep 23, 2010 | The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an… | |||
| CVE-2010-3279 | 0.00 | — | 0.01 | Sep 23, 2010 | The default configuration of the CCAgent option before 9.0.8.4 in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition enables maintenance access, which allows remote attackers to monitor or reconfigure Contact Center operations… | |||
| CVE-2007-5361 | 0.00 | — | 0.02 | Nov 20, 2007 | The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a… | |||
| CVE-2007-5383 | 0.00 | — | 0.04 | Oct 12, 2007 | The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka… | |||
| CVE-2007-5384 | 0.00 | — | 0.01 | Oct 12, 2007 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to perform actions as administrators via unspecified POST requests, as demonstrated by enabling an… | |||
| CVE-2007-5385 | 0.00 | — | 0.01 | Oct 12, 2007 | Multiple cross-site scripting (XSS) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2007-2512 | 0.00 | — | 0.01 | Jun 7, 2007 | Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems. | |||
| CVE-2007-1822 | 0.00 | — | 0.03 | Apr 2, 2007 | Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID). | |||
| CVE-2007-0931 | 0.00 | — | 0.06 | Feb 14, 2007 | Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code… | |||
| CVE-2007-0932 | 0.00 | — | 0.02 | Feb 14, 2007 | The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the… | |||
| CVE-2004-2377 | 0.00 | — | 0.02 | Dec 31, 2004 | Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled. | |||
| CVE-2003-1108 | 0.00 | — | 0.05 | Dec 31, 2003 | The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | |||
| CVE-2002-1691 | 0.00 | — | 0.04 | Dec 31, 2002 | Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access. |
- risk 0.86cvss 9.8epss 0.97
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.
- risk 0.68cvss 9.8epss 0.13
Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024. An attacker can bypass authentication, and OmniVista invokes methods (AddJobSet, AddJob, and ExecuteNow) that can be used to run…
- risk 0.57cvss 8.8epss 0.00
An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of improper privilege management, an authenticated attacker is able to create symlinks to sensitive and protected data in…
- risk 0.54cvss 7.8epss 0.04
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" directories, which…
- risk 0.49cvss 7.5epss 0.02
Alcatel-Lucent Home Device Manager before 4.1.10, 4.2.x before 4.2.2 allows remote attackers to spoof and make calls as target devices.
- risk 0.48cvss 7.4epss 0.00
An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of a time-of-check time-of-use vulnerability, an authenticated attacker is able to replace the verified firmware image…
- risk 0.47cvss 7.2epss 0.00
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted…
- risk 0.44cvss 6.8epss 0.01
The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the…
- risk 0.39cvss 6.0epss 0.00
A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected…
- risk 0.35cvss 5.4epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Alcatel-Lucent Motive Home Device Manager (HDM) before 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceTypeID parameter to DeviceType/getDeviceType.do; the (2)…
- CVE-2008-1331Apr 2, 2008risk 0.04cvss —epss 0.09
cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter.
- CVE-2019-3921Mar 5, 2019risk 0.03cvss —epss 0.18
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potentially…
- CVE-2015-2805Jun 16, 2015risk 0.03cvss —epss 0.03
Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, and 6860 with firmware 6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02,…
- CVE-2007-5190Oct 22, 2007risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Alcatel OmniVista 4760 R4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the action parameter to php-bin/Webclient.php or (2) the Langue parameter to the default URI.
- CVE-2019-20049Dec 27, 2019risk 0.02cvss —epss 0.13
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the…
- CVE-2019-20048Dec 27, 2019risk 0.01cvss —epss 0.06
An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM.
- CVE-2019-3919Mar 5, 2019risk 0.01cvss —epss 0.04
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/usb_restore_Form?script/.
- CVE-2019-3920Mar 5, 2019risk 0.01cvss —epss 0.04
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/device_Form?script/.
- CVE-2019-3922Mar 5, 2019risk 0.01cvss —epss 0.05
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponForm/fsetup_Form. An attacker can leverage this vulnerability to potentially…
- CVE-2008-4383Oct 3, 2008risk 0.01cvss —epss 0.08
Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01,…
- CVE-2021-31795Apr 24, 2021risk 0.00cvss —epss 0.00
The PowerVR GPU kernel driver in pvrsrvkm.ko through 2021-04-24 for the Linux kernel, as used on Alcatel 1S phones, allows attackers to overwrite heap memory via PhysmemNewRamBackedPMR.
- CVE-2014-3809Jan 31, 2020risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html.
- CVE-2019-20047Dec 27, 2019risk 0.00cvss —epss 0.03
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP…
- CVE-2019-16241Nov 26, 2019risk 0.00cvss —epss 0.00
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication…
- CVE-2019-16243Nov 26, 2019risk 0.00cvss —epss 0.01
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. (This web API is normally used by the…
- CVE-2019-16242Nov 26, 2019risk 0.00cvss —epss 0.01
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the…
- CVE-2019-7163Aug 2, 2019risk 0.00cvss —epss 0.02
The web interface of Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 devices is vulnerable to an authentication bypass that allows an unauthenticated user to have access to the web interface without knowing the administrator's password.
- CVE-2019-3918Mar 5, 2019risk 0.00cvss —epss 0.02
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces.
- CVE-2019-3917Mar 5, 2019risk 0.00cvss —epss 0.02
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote, unauthenticated attacker to enable telnetd on the router via a crafted HTTP request.
- CVE-2015-4586Jun 23, 2015risk 0.00cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for requests that create a user account via an add_user action in a request to…
- CVE-2015-4587Jun 18, 2015risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the Alcatel-Lucent CellPipe 7130 router with firmware 1.0.0.20h.HOL allows remote attackers to inject arbitrary web script or HTML via the "Custom application" field in the "port triggering" menu.
- CVE-2015-2804Jun 16, 2015risk 0.00cvss —epss 0.02
The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware before 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02 generates weak session identifiers, which allows remote attackers to hijack arbitrary sessions via a brute force…
- CVE-2013-4653Aug 20, 2013risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server…
- CVE-2011-4505Nov 22, 2011risk 0.00cvss —epss 0.01
The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware before 6.2.29 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
- CVE-2011-0345Mar 8, 2011risk 0.00cvss —epss 0.01
Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, related to the lang variable.
- CVE-2011-0344Mar 8, 2011risk 0.00cvss —epss 0.02
Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code…
- CVE-2010-3281Sep 23, 2010risk 0.00cvss —epss 0.02
Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service (service crash) via a long request.
- CVE-2010-3280Sep 23, 2010risk 0.00cvss —epss 0.01
The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an…
- CVE-2010-3279Sep 23, 2010risk 0.00cvss —epss 0.01
The default configuration of the CCAgent option before 9.0.8.4 in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition enables maintenance access, which allows remote attackers to monitor or reconfigure Contact Center operations…
- CVE-2007-5361Nov 20, 2007risk 0.00cvss —epss 0.02
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a…
- CVE-2007-5383Oct 12, 2007risk 0.00cvss —epss 0.04
The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka…
- CVE-2007-5384Oct 12, 2007risk 0.00cvss —epss 0.01
Multiple cross-site request forgery (CSRF) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to perform actions as administrators via unspecified POST requests, as demonstrated by enabling an…
- CVE-2007-5385Oct 12, 2007risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2007-2512Jun 7, 2007risk 0.00cvss —epss 0.01
Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems.
- CVE-2007-1822Apr 2, 2007risk 0.00cvss —epss 0.03
Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).
- CVE-2007-0931Feb 14, 2007risk 0.00cvss —epss 0.06
Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code…
- CVE-2007-0932Feb 14, 2007risk 0.00cvss —epss 0.02
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the…
- CVE-2004-2377Dec 31, 2004risk 0.00cvss —epss 0.02
Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled.
- CVE-2003-1108Dec 31, 2003risk 0.00cvss —epss 0.05
The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
- CVE-2002-1691Dec 31, 2002risk 0.00cvss —epss 0.04
Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access.
Page 1 of 2