Описание
Avdor CIS - crystal quality Credentials Management Errors. The product is phone call recorder, you can hear all the recorded calls without authenticate to the system. Attacker sends crafted URL to the system: ip:port//V=2;ChannellD=number;Ext=number;Command=startLM;Client=number;Request=number;R=number number - id of the recorded number.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:avdorcis:crystal_quality:-:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00178
Низкий
4.9 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Avdor CIS - crystal quality Credentials Management Errors. The product is phone call recorder, you can hear all the recorded calls without authenticate to the system. Attacker sends crafted URL to the system: ip:port//V=2;ChannellD=number;Ext=number;Command=startLM;Client=number;Request=number;R=number number - id of the recorded number.
EPSS
Процентиль: 40%
0.00178
Низкий
4.9 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-306