CVE-2024-33109

CVSS 9.9 CRITICALEPSS 0.9%CWE-22

Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function.

CVSS:3.1/AC:L/AV:N/A:L/C:H/I:H/PR:L/S:C/UI:N

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.bdosecurity.de/en-gb/advisories/cve-2024-33109 http://tiptel.com