cvedb.io
CVE-2022-36780
MEDIUM · CVSS 4.9
EPSS exploitation probability: 0%
Published 2022-09-13T15:15:08.667 · Last modified 2026-06-17T04:53:57.917

Summary

Avdor CIS - crystal quality Credentials Management Errors. The product is phone call recorder, you can hear all the recorded calls without authenticate to the system. Attacker sends crafted URL to the system: ip:port//V=2;ChannellD=number;Ext=number;Command=startLM;Client=number;Request=number;R=number number - id of the recorded number.

Affected products

avdorcis — crystal_quality

Does this affect you?

Add your gear to cvedb and we'll alert you only when avdorcis ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.