Количество 3
Количество 3
CVE-2025-2611
The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an attacker to inject shell commands into a session cookie that get executed on the server. This results in unauthenticated remote code execution in the session handling. Versions 7.4 and below are known to be vulnerable.
GHSA-3h67-687r-7fpc
The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an attacker to inject shell commands into a session cookie that get executed on the server. This results in unauthenticated remote code execution in the session handling. Versions 7.4 and below are known to be vulnerable.
BDU:2025-14633
Уязвимость программного обеспечения для унифицированных коммуникаций и телемаркетинга ICTBroadcast, связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-2611 The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an attacker to inject shell commands into a session cookie that get executed on the server. This results in unauthenticated remote code execution in the session handling. Versions 7.4 and below are known to be vulnerable. | 43% Средний | 6 месяцев назад | |
| GHSA-3h67-687r-7fpc The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an attacker to inject shell commands into a session cookie that get executed on the server. This results in unauthenticated remote code execution in the session handling. Versions 7.4 and below are known to be vulnerable. | 43% Средний | 6 месяцев назад | |
 | BDU:2025-14633 Уязвимость программного обеспечения для унифицированных коммуникаций и телемаркетинга ICTBroadcast, связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.6 | 43% Средний | 11 месяцев назад |
Уязвимостей на страницу