Create Avaya_Aura_Device_Services_PhoneBackup_File_Upload_Vulnerability.md

add Avaya Aura Device Services PhoneBackup File Upload Vulnerability

Avaya_Aura_Device_Services_PhoneBackup_File_Upload_Vulnerability.md

@@ -0,0 +1,12 @@
+## Avaya Aura Device Services PhoneBackup File Upload Vulnerability
+
+|   **Vulnerability**  | **Avaya Aura Device Services PhoneBackup File Upload Vulnerability**  |
+| :----:   | :-----|
+| **Chinese name**  | Avaya Aura Device Services r软件 PhoneBackup 任意文件上传漏洞 |
+| **CVSS core**  | 9.0 |
+| **FOFA Query**  (click to view the results directly)| [((body="vmsTitle\">Avaya Aura™ Utility Server" \|\| body="/webhelp/Base/Utility_toc.htm" \|\| (body="Avaya Aura® Utility Services" && body="Avaya Inc. All Rights Reserved")) && body!="Server: couchdb")](https://en.fofa.info/result?qbase64=KChib2R5PSJ2bXNUaXRsZVwiPkF2YXlhIEF1cmEmIzg0ODI7Jm5ic3A7VXRpbGl0eSBTZXJ2ZXIiIHx8IGJvZHk9Ii93ZWJoZWxwL0Jhc2UvVXRpbGl0eV90b2MuaHRtIiB8fCAoYm9keT0iQXZheWEgQXVyYSZyZWc7Jm5ic3A7VXRpbGl0eSBTZXJ2aWNlcyIgJiYgYm9keT0iQXZheWEgSW5jLiBBbGwgUmlnaHRzIFJlc2VydmVkIikpICYmIGJvZHkhPSJTZXJ2ZXI6IGNvdWNoZGIiKQ%3D%3D) |
+| **Number of assets affected**  | 565 |
+| **Description**  | Avaya Aura Device Services is an application software of Avaya Corporation in the United States. Provides a function to manage Avaya endpoints. Avaya Aura Device Services versions 7.0 to 8.1.4.0 have security vulnerabilities. Attackers can bypass authentication and upload arbitrary files to obtain server permissions. |
+| **Impact** | Avaya Aura Device Services versions 7.0 to 8.1.4.0 have security vulnerabilities. Attackers can bypass authentication and upload arbitrary files to obtain server permissions. |
+
+![](https://s3.bmp.ovh/imgs/2023/06/21/06ca1ac2bfc684e0.gif)