Security Advisory

CVE-2019-20029

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-29 17:29:49

Last updated 2024-08-05 02:32:10

Assigner mitre

State PUBLISHED

Description

An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices. A specially crafted HTTP POST can cause privilege escalation resulting in a higher privileged account, including an undocumented developer level of access.

← Browse all CVEs View on cve.org ↗