CoreDial sipXcom up to and including... CVE-2023-25356

- AV AC AU C I A
发布: 2023-04-04
修订: 2023-04-11

CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leveraged to gain remote command execution.

0%
当前有2条漏洞利用/PoC
当前有1条受影响产品信息