Alcatel-Lucent: >> Omnipcx >> 7.0 Security Vulnerabilities
Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code via crafted HTTP headers.
CVSS Score
5.8
EPSS Score
0.006
Published
2011-03-08
Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems.
CVSS Score
7.5
EPSS Score
0.005
Published
2007-06-07