Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2019-11409
HistoryJun 17, 2019 - 7:15 p.m.

Command injection

2019-06-1719:15:00
PRIOn knowledge base
www.prio-n.com
3

8.8 High

AI Score

Confidence

High

0.927 High

EPSS

Percentile

99.0%

JSON

app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation that allows authenticated non-administrative attackers to execute commands on the host. This can further lead to remote code execution when combined with an XSS vulnerability also present in the FusionPBX Operator Panel module.

CPENameOperatorVersion
fusionpbxeq4.4.3

Related

cvelist 1
packetstorm 2
cve 1
zdt 1
nvd 1
exploitdb 1
exploitpack 1
cvelist
cvelist
CVE-2019-11409
2019-06-17 18:02:23
packetstorm
packetstorm
FusionPBX Operator Panel exec.php Command Execution
2019-11-14 00:00:00
FusionPBX 4.4.3 Remote Command Execution
2019-06-12 00:00:00
cve
cve
CVE-2019-11409
2019-06-17 19:15:11
zdt
zdt
FusionPBX Operator Panel (exec.php) Command Execution Exploit
2019-11-15 00:00:00
nvd
nvd
CVE-2019-11409
2019-06-17 19:15:11
exploitdb
exploitdb
FusionPBX 4.4.3 - Remote Command Execution
2019-06-12 00:00:00
exploitpack
exploitpack
FusionPBX 4.4.3 - Remote Command Execution
2019-06-12 00:00:00

8.8 High

AI Score

Confidence

High

0.927 High

EPSS

Percentile

99.0%

JSON
Related for PRION:CVE-2019-11409
cvelist1packetstorm2cve1zdt1nvd1exploitdb1exploitpack1