Coredial

Sipxcom

2 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-25355

Exploit
  • EPSS 8.8%
  • Veröffentlicht 04.04.2023 13:15:08
  • Zuletzt bearbeitet 13.02.2025 16:15:38

CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`.

8.8

CVE-2023-25356

Exploit
  • EPSS 20.12%
  • Veröffentlicht 04.04.2023 13:15:08
  • Zuletzt bearbeitet 13.02.2025 16:15:38

CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to...