Avaya System Products Shell Command Injection Vulnerabilities

Avaya System Products Shell Command Injection Vulnerabilities

Avaya System Products are prone to unspecified shell-command-injection vulnerabilities.

Specific Avaya products that contain maintenance web pages may allow authenticated users to issue shell commands through their HTTP interface.

Commands executed through these vulnerabilities could permit an attacker to gain access to a vulnerable system. Commands are executed in the context of the authenticated user.