header-logo
Suggest Exploit
vendor:
TANDBERG Video Communication Server
by:
Unknown
7.5
CVSS
HIGH
File Disclosure, Server Impersonation, Man-in-the-Middle, Authentication Bypass
CWE
Product Name: TANDBERG Video Communication Server
Affected Version From: Pre TANDBERG Video Communication Server 5.1.1
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

TANDBERG Video Communication Server Multiple Vulnerabilities

The TANDBERG Video Communication Server is prone to multiple remote vulnerabilities. These include a file-disclosure vulnerability, a security vulnerability that may allow attackers to conduct server impersonation and man-in-middle attacks, and an authentication-bypass vulnerability. An attacker can exploit these issues to gain unauthorized access to the affected device and sensitive information. Other attacks are also possible.

Mitigation:

Upgrade to TANDBERG Video Communication Server 5.1.1 or later.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/39389/info

TANDBERG Video Communication Server is prone to multiple remote vulnerabilities, including:

1. A file-disclosure vulnerability.
2. A security vulnerability that may allow attackers to conduct server impersonation and man-in-middle attacks.
3. An authentication-bypass vulnerability.

An attacker can exploit these issues to gain unauthorized access to the affected device and to gain access to sensitive information. Other attacks are also possible.

Firmware versions prior to TANDBERG Video Communication Server 5.1.1 are vulnerable. 

https://www.example.com/helppage.php?page=../../../../etc/passwd%00

Navigation

Suggest Exploit

Services By CQR