cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-39292,https://securityvulnerability.io/vulnerability/CVE-2023-39292,SQL Injection Vulnerability in MiVoice Office 400 by Mitel,"A SQL Injection vulnerability has been discovered in the MiVoice Office 400 SMB Controller version 1.2.5.23. This vulnerability potentially allows an attacker to manipulate database queries, gaining unauthorized access to sensitive information and executing arbitrary commands within the database environment. Organizations using this product should implement security measures promptly to mitigate any risk associated with this vulnerability.",Mitel,"Mivoice Office 400,Mivoice Office 400 Smb Controller Firmware",9.8,CRITICAL,0.0013699999544769526,false,,false,false,false,,,false,false,,2023-08-14T00:00:00.000Z,0
CVE-2023-39293,https://securityvulnerability.io/vulnerability/CVE-2023-39293,Command Injection Vulnerability in MiVoice Office 400 by Mitel,"A command injection vulnerability has been discovered in the MiVoice Office 400 SMB Controller, which could enable a malicious actor to execute arbitrary commands in the context of the affected system. This flaw allows for potential unauthorized access, leading to significant security risks and exploitation possibilities. Users and administrators are urged to review security advisories to mitigate these risks.",Mitel,"Mivoice Office 400,Mivoice Office 400 Smb Controller Firmware",9.8,CRITICAL,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-08-14T00:00:00.000Z,0