Описание
registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS spoofing attack.
Ссылки
- ExploitURL Repurposed
- ExploitURL Repurposed
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:netfortris:trixbox:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00783
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS spoofing attack.
EPSS
Процентиль: 73%
0.00783
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-264