PT-2022-20929 · Mitel · Mivoice Business Express+1

Published: 2022-06-17 · Updated: 2022-06-30 · CVE-2022-31784

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

MiVoice Business versions through 9.3 PR1
MiVoice Business Express versions through 8.0 SP3 PR3

Description

A vulnerability in the management interface could allow an unauthenticated attacker with network access to conduct a buffer overflow attack due to insufficient validation of URL parameters. A successful exploit could allow arbitrary code execution.

Recommendations

For MiVoice Business versions through 9.3 PR1, update to a version later than 9.3 PR1 to resolve the issue. For MiVoice Business Express versions through 8.0 SP3 PR3, update to a version later than 8.0 SP3 PR3 to resolve the issue. As a temporary workaround, consider restricting access to the management interface to minimize the risk of exploitation.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2022-31784

Affected Products

Mivoice Business
Mivoice Business Express