Critical SQL Injection Vulnerability in MiVoice Office 400 SMB Controller (Version 1.2.5.23)

Critical SQL Injection Vulnerability in MiVoice Office 400 SMB Controller (Version 1.2.5.23)

CVE-2023-39292 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to access sensitive information and execute arbitrary database and management operations.

Learn more about our Cis Benchmark Audit For Microsoft Office.