CVE-2022-36780

Description

Avdor CIS - crystal quality Credentials Management Errors. The product is phone call recorder, you can hear all the recorded calls without authenticate to the system. Attacker sends crafted URL to the system: ip:port//V=2;ChannellD=number;Ext=number;Command=startLM;Client=number;Request=number;R=number number - id of the recorded number.

Related CPE's

a avdorcis crystal_quality -*******

References

https://www.gov.il/en/Departments/faq/cve_advisories

ExploitThird Party AdvisoryVDB Entry

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io