CVE-2022-26143

NVD Published Date: March 10, 2022 at 05:47 PM
NVD Last Modified: August 08, 2023 at 02:21 PM
Download Patch
Vulnerability ID
CVE-2022-26143
Severity
CRITICAL
Severity Score
9.8
Summary
The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-306

Recent Publish

CVE-2022-26501

CVE-2022-22587

CVE-2022-1040

CVE-2022-26258

CVE-2022-26871

CVE-2022-22965

See SecOps Solution
in action

Schedule Demo