Filtered by vendor Alcatel-lucent
Subscriptions
Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2002-0293 | 1 Alcatel-lucent | 1 Omnipcx | 2017-07-11 | N/A |
FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file. | ||||
CVE-2015-8687 | 1 Alcatel-lucent | 1 Motive Home Device Manager | 2017-03-28 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Alcatel-Lucent Motive Home Device Manager (HDM) before 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceTypeID parameter to DeviceType/getDeviceType.do; the (2) policyActionClass or (3) policyActionName parameter to PolicyAction/findPolicyActions.do; the deviceID parameter to (4) SingleDeviceMgmt/getDevice.do or (5) device/editDevice.do; the operation parameter to (6) ajax.do or (7) xmlHttp.do; or the (8) policyAction, (9) policyClass, or (10) policyName parameter to policy/findPolicies.do. | ||||
CVE-2015-4587 | 1 Alcatel-lucent | 2 Cellpipe 7130 Router, Cellpipe 7130 Router Firmware | 2016-12-07 | N/A |
Cross-site scripting (XSS) vulnerability in the Alcatel-Lucent CellPipe 7130 router with firmware 1.0.0.20h.HOL allows remote attackers to inject arbitrary web script or HTML via the "Custom application" field in the "port triggering" menu. | ||||
CVE-2015-4586 | 1 Alcatel-lucent | 2 Cellpipe 7130 Rg 5ae.m2013 Hol, Cellpipe 7130 Rg 5ae.m2013 Hol Firmware | 2016-12-07 | N/A |
Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for requests that create a user account via an add_user action in a request to password.cmd. | ||||
CVE-2002-0295 | 1 Alcatel-lucent | 1 Omnipcx | 2016-10-18 | N/A |
Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges. | ||||
CVE-2002-0294 | 1 Alcatel-lucent | 1 Omnipcx | 2016-10-18 | N/A |
Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system. | ||||
CVE-2007-1822 | 1 Alcatel-lucent | 1 Voice Mail System | 2008-11-13 | N/A |
Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID). |