Vulnerability of the initializePlugin function in the sipXopenfire\presence-plugin\src\org\sipfoundry\openfire\plugin\presence\SipXOpenfirePlugin.java file. The PBX server of the corporate IP telephony management system CoreDial sipXcom sipXopenfire allows intruders to escalate their privileges or execute arbitrary commands.
The vulnerability lies in the function initializePlugin of the sipXopenfire\presence-plugin\src\org\sipfoundry\openfire\plugin\presence\SipXOpenfirePlugin.java file. In the PBX server of the corporate IP telephony management system, CoreDial sipXcom sipXopenfire relies on the implementation or...