CVE-2022-26143

Description from NVD

The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.

Information Acquisition Date:2022-03-31T16:40Z
CVSS 2.0: 9.0 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:P/I:P/A:C

NVD References

 https://www.akamai.com/blog/security/phone-home-ddos-attack-vector
     source:MISC
     tags:Mitigation    Third Party Advisory    
 https://blog.cloudflare.com/cve-2022-26143/
     source:MISC
     tags:Mitigation    Third Party Advisory    
 https://team-cymru.com/blog/2022/03/08/record-breaking-ddos-potential-discovered-cve-2022-26143/
     source:MISC
     tags:Mitigation    Third Party Advisory    
 https://www.shadowserver.org/news/cve-2022-26143-tp240phonehome-reflection-amplification-ddos-attack-vector/
     source:MISC
     tags:Mitigation    Third Party Advisory    
 https://news.ycombinator.com/item?id=30614073
     source:MISC
     tags:Issue Tracking    Third Party Advisory    
 https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-22-0001
     source:MISC
     tags:Vendor Advisory    
 https://arstechnica.com/information-technology/2022/03/ddosers-use-new-method-capable-of-amplifying-traffic-by-a-factor-of-4-billion/
     source:MISC
     tags:Exploit    Press/Media Coverage    Third Party Advisory    

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:



List of frequently cited URLs

URLNum of Times Referred to
http://patrowl.io315
http://cyberiqs.com/latestnews49
https://cvetrends.com48
https://team-cymru.com/blog/2022/03/08/record-breaking-ddos...7
https://blog.cloudflare.com/cve-2022-261434
https://twitter.com/campuscodi/status/15012266628679147543
https://www.akamai.com/blog/security/phone-home-ddos-attack...3
https://www.shadowserver.org/news/cve-2022-26143-tp240phone...3

Information from Twitter

User URL Info Source Date
Brandefense https://twitter.com/Brandefense/status/1640632317474381825/... Source Brandefense      1640632317474381825 2023/03/28

List of frequently cited URLs

URLNum of Times Referred to
patrowl.io315
cyberiqs.com49
cvetrends.com48
team-cymru.com7
blog.cloudflare.com4
twitter.com3
www.akamai.com3
www.shadowserver.org3

Information from Twitter

User URL Info Source
Brandefense twitter.com Show Tweet

GitHub Search Results: Up to 10
NameURL
No Data

GitHub Search Results: Up to 10
NameURL
No Data

2023/03/28 Score : 0
Added Har-sia Database : 2022/03/09
Last Modified : 2023/03/28
Highest Scored Date : 2022/03/09
Highest Score : 70