| Vulnerability | Avaya Aura Device Services PhoneBackup File Upload Vulnerability |
|---|---|
| Chinese name | Avaya Aura Device Services r软件 PhoneBackup 任意文件上传漏洞 |
| CVSS core | 9.0 |
| FOFA Query (click to view the results directly) | ((body="vmsTitle">Avaya Aura™ Utility Server" || body="/webhelp/Base/Utility_toc.htm" || (body="Avaya Aura® Utility Services" && body="Avaya Inc. All Rights Reserved")) && body!="Server: couchdb") |
| Number of assets affected | 565 |
| Description | Avaya Aura Device Services is an application software of Avaya Corporation in the United States. Provides a function to manage Avaya endpoints. Avaya Aura Device Services versions 7.0 to 8.1.4.0 have security vulnerabilities. Attackers can bypass authentication and upload arbitrary files to obtain server permissions. |
| Impact | Avaya Aura Device Services versions 7.0 to 8.1.4.0 have security vulnerabilities. Attackers can bypass authentication and upload arbitrary files to obtain server permissions. |
