Filtered by vendor Alcatel-lucent Subscriptions

Search

Switch to Advanced Search (Beta)
Total 26 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-0293 1 Alcatel-lucent 1 Omnipcx 2025-04-03 N/A
FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file.
CVE-2002-0294 1 Alcatel-lucent 1 Omnipcx 2025-04-03 N/A
Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system.
CVE-2002-1691 1 Alcatel-lucent 1 Omnipcx 2025-04-03 N/A
Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access.
CVE-2003-1108 1 Alcatel-lucent 1 Omnipcx 2025-04-03 N/A
The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
CVE-2015-8687 1 Alcatel-lucent 1 Motive Home Device Manager 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Alcatel-Lucent Motive Home Device Manager (HDM) before 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceTypeID parameter to DeviceType/getDeviceType.do; the (2) policyActionClass or (3) policyActionName parameter to PolicyAction/findPolicyActions.do; the deviceID parameter to (4) SingleDeviceMgmt/getDevice.do or (5) device/editDevice.do; the operation parameter to (6) ajax.do or (7) xmlHttp.do; or the (8) policyAction, (9) policyClass, or (10) policyName parameter to policy/findPolicies.do.
CVE-2015-6498 1 Alcatel-lucent 1 Home Device Manager 2024-11-21 N/A
Alcatel-Lucent Home Device Manager before 4.1.10, 4.2.x before 4.2.2 allows remote attackers to spoof and make calls as target devices.