exploitDog

CVE-2021-43405

Опубликовано: 05 нояб. 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

An issue was discovered in FusionPBX before 4.5.30. The fax_extension may have risky characters (it is not constrained to be numeric).

Ссылки

http://packetstormsecurity.com/files/164795/FusionPBX-4.5.29-Remote-Code-Execution.html
Exploit
Third Party Advisory
https://github.com/fusionpbx/fusionpbx/commit/2d2869c1a1e874c46a8c3c5475614ce769bbbd59
Patch
Third Party Advisory
http://packetstormsecurity.com/files/164795/FusionPBX-4.5.29-Remote-Code-Execution.html
Exploit
Third Party Advisory
https://github.com/fusionpbx/fusionpbx/commit/2d2869c1a1e874c46a8c3c5475614ce769bbbd59
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fusionpbx:fusionpbx:*:*:*:*:*:*:*:*

Версия до 4.5.30 (исключая)

EPSS

Процентиль: 90%

0.05243

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-42c2-hjwj-v6gj

CVSS3: 8.8

github

больше 3 лет назад

An issue was discovered in FusionPBX before 4.5.30. The fax_extension may have risky characters (it is not constrained to be numeric).

EPSS

Процентиль: 90%

0.05243

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

NVD-CWE-Other