CVE-2024-0986 Issabel PBX Asterisk-Cli os command injection

A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...

CVE-2024-0986

CVE-2024-0986 affects Issabel PBX 4.0.0 through the Asterisk-Cli component. The vulnerability arises from improper handling of the Command argument in /index.php?menu=asterisk_cli, enabling OS command injection. Multiple connected sources describe this as an authenticated remote command execution...

Issabel PBX Operating System Command Injection Vulnerability

Issabel PBX is a software application. A free and open source software that allows you to build communication tools for your organization. An OS command injection vulnerability exists in Issabel PBX version 4.0.0, which stems from the inclusion of some unknown processing in the component...

PT-2024-15962 · Unknown · Asterisk-Cli +1

Name of the Vulnerable Software and Affected Versions: Issabel PBX version 4.0.0 Description: A critical issue affects the processing of the file /index.php?menu=asterisk cli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be...

CVE-2023-37599

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

CVE-2023-37599

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

CVE-2023-37599

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

Design/Logic Flaw

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

CVE-2023-37598

A Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function...

CVE-2023-37598

A Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function...

CVE-2023-37598

A Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function...

Cross site request forgery (csrf)

A Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function...

Issabel PBX 跨站请求伪造漏洞

Issabel PBX is a software application. A free and open source software that allows you to build communication tools for your organization. A cross-site request forgery vulnerability exists in Issabel PBX version v.4.0.0-6, which originates from a vulnerability that allows any remote attacker to...

CVE-2023-37598

A Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function...

CVE-2023-37599

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

CVE-2023-37599

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

PT-2023-26035

Name of the Vulnerable Software and Affected Versions: issabel-pbx version 4.0.0-6 Description: A Cross Site Request Forgery CSRF issue allows a remote attacker to cause a denial of service via the delete new virtual fax function. Recommendations: For issabel-pbx version 4.0.0-6, consider disabli...

CVE-2023-37598

CVE-2023-37598 affects issabel-pbx v4.0.0-6 with a CSRF flaw in the delete new virtual fax functionality. The issue allows a remote attacker, via a crafted request, to delete a user’s virtual fax when an authenticated session is active, potentially causing denial of service. Concrete exploit deta...

CVE-2023-37599

The CVE-2023-37599 entry affects Issabel PBX version 4.0.0-6, where a vulnerability in the modules directory could allow a remote attacker to obtain sensitive information. The connected Nuclei template names Issabel PBX 4.0.0-6 and documents directory listing as the attack vector, stating that an...

Issabel PBX 安全漏洞

Issabel PBX is a software application. A free and open source software that allows you to build communication tools for your organization. A security vulnerability exists in Issabel PBX version v.4.0.0-6, which stems from a vulnerability that allows any remote attacker to view application-sensiti...