exploitDog

GHSA-7x56-fv78-3rq9

Опубликовано: 19 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /services/apply in exd.pl allows remote attackers to execute arbitrary code via shell metacharacters.

An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /services/apply in exd.pl allows remote attackers to execute arbitrary code via shell metacharacters.

Ссылки

EPSS

Процентиль: 94%

0.13813

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2021-45966

CVSS3: 9.8

nvd

почти 4 года назад

An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /services/apply in exd.pl allows remote attackers to execute arbitrary code via shell metacharacters.

EPSS

Процентиль: 94%

0.13813

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77