virus logo Intrusion Prevention

AudiosCodes.Device.Manager.Express.BrowseFiles.Path.Traversal

description-logoDescription

This indicates an attack attempt to exploit a Path Traversal Vulnerability in Audiocodes Device Manager Express.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker could exploit this vulnerability by sending crafted requests to the target server. Successful exploitation could result in arbitrary command execution under the security context of the root or could result in the disclosure of information which may be used to further compromise the target system..

affected-products-logoAffected Products

Audiocodes Device Manager Express version 7.8.20002.47752 and prior

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2023-04-18 23.536 Default_action:pass:drop
2023-03-07 23.507
ID 52667
Created Feb 27, 2023
Updated Aug 23, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2022-24632 CVE-2022-24629
Exploit Prediction Score 0.36%
Default Action drop
Active
Affected OS Windows
Affected App Other