CVE-2019-12326

Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload (shell commands within the file) and trigger code execution.
References
Configurations

Configuration 1


Information

Published : 2019-07-22 05:15

Updated : 2019-10-09 11:45


NVD link : CVE-2019-12326

Mitre link : CVE-2019-12326

Products Affected
CWE