AudioCodes Mediant family of multi-service business routers (MSBRs) offers service providers a range of all-in-one SOHO, SMB and SME routers combining access, data, voice and security into a single device.
During our research we found a DoS(CVE-2019-9228), a XXS(CVE-2019-9230) and CSRF(CVE-2019-9231) vulnerability. Although we could gain access to quagga VTYs(CVE-2019-9229).
A cross-site scripting (XSS) vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary JS or HTML code via the keyword parameter. This is possible because a wrong content-type header (text/html instead of application/json) is set.
alert("XSS");on his webserver and trigger the XSS via the following URL:
The encoding has to be applied for filter evasion.
F7.20A to F7.20A.253
Update to F7.20A.254 or higher.
|2019/02/14||initial vendor response|
|2019/02/14||vendor informs about start of review process|
|2019/02/15||vendor requests further details|
|2019/02/15||further details provided|
|2019/02/18||vendor informs about detail analysis|
|2019/02/19||vendor confirmation, planned fixes and roadmap provided|
|2019/06/28||vendor informs that planned fixes are published|