mutare 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには vendor risk sql injection、vendor risk cross-site scripting, and vendor risk csrf があり、アーカイブ処理、ファイル処理, and 自動展開 の利用場面で vendor impact session compromise and vendor impact data exposure などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2021-27236 | An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution. | [email protected] | 9.8 | 1.90% | 2021-02-16 | 2024-11-21 |
| CVE-2021-27235 | An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, there is a functionality at diagzip.asp that allows anyone to export tables of a database. | [email protected] | 4.9 | 0.27% | 2021-02-16 | 2024-11-21 |
| CVE-2021-27234 | An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp. | [email protected] | 9.8 | 0.37% | 2021-02-16 | 2024-11-21 |
| CVE-2021-27233 | An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue. | [email protected] | 4.9 | 0.07% | 2021-02-16 | 2024-11-21 |
| CVE-2011-1105 | Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM allow remote attackers to inject arbitrary web script or HTML via (1) a delivery address and possibly (2) a PIN. | [email protected] | 4.3 | 0.59% | 2011-02-28 | 2026-04-29 |
| CVE-2011-1104 | Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare EVM allow remote attackers to hijack the authentication of arbitrary users for requests that (1) change a PIN, (2) delete messages, (3) add a delivery address, or (4) change a delivery address. | [email protected] | 6.8 | 0.21% | 2011-02-28 | 2026-04-29 |