Audiocodes Device Manager Express — known CVE vulnerabilities
Every CVE whose affected-product data names Audiocodes Device Manager Express, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-24627 — CVSS 9.8 (critical): An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an unauthenticated SQL injection in the p…
CVE-2022-24629 — CVSS 9.8 (critical): An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. Remote code execution can be achieved via directory…
CVE-2022-24628 — CVSS 7.2 (high): An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is authenticated SQL injection in the id parameter…
CVE-2022-24630 — CVSS 7.2 (high): An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles.php allows a ?cmd=ssh POST request with…
CVE-2022-24631 — CVSS 5.4 (medium): An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is stored XSS via the ajaxTenants.php desc…
CVE-2022-24632 — CVSS 5.3 (medium): An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is directory traversal during file download via…