VYPR
Vendor

Atcom

Products
3
CVEs
8
Across products
8
Status
Private

Products

3

Recent CVEs

8
  • CVE-2024-58314HigDec 12, 2025
    risk 0.57cvss 8.8epss 0.01

    Atcom 100M IP Phones firmware version 2.7.x.x contains an authenticated command injection vulnerability in the web configuration CGI script that allows attackers to execute arbitrary system commands. Attackers can inject shell commands through the 'cmd' parameter in…

  • CVE-2011-3340Oct 21, 2011
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.

  • CVE-2010-4967Oct 21, 2011
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter.

  • CVE-2009-5103Oct 21, 2011
    risk 0.03cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable.

  • CVE-2009-5102Oct 21, 2011
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter.

  • CVE-2019-12328Jul 22, 2019
    risk 0.00cvss epss 0.04

    A command injection (missing input validation) issue in the remote phonebook configuration URI in the web interface of the Atcom A10W VoIP phone with firmware 2.6.1a2421 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters…

  • CVE-2014-2318Mar 11, 2014
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter.

  • CVE-2010-4966Oct 21, 2011
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action.