8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.5%
PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of “<space><space> followed by <shift><enter>” mishandling.
www.gosecure.net/blog
www.gosecure.net/blog/2022/05/31/security-advisory-multiple-vulnerabilities-impact-3cx-phone-system/