64 matches found
VoIPmonitor SQL注入漏洞
VoIPmonitor is an open source network packet sniffer from the VoIPmonitor team. Has a commercial front-end for the SIP RTP RTCP SKINNYSCCP MGCP WebRTC VoIP protocol running on Linux. Voipmonitor suffers from a SQL injection vulnerability that stems from a SQL injection vulnerability in the...
VoIPmonitor Remote Code Execution (CVE-2021-30461)
A remote code execution vulnerability exists in VoIPmonitor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
The vulnerability of the config/configuration.php component of the VoIPmonitor traffic analyzer allows a attacker to execute arbitrary PHP code.
The vulnerability of the config/configuration.php component of the VoIPmonitor traffic analyzer is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary PHP code...
Exploit for Code Injection in Voipmonitor
Impacted Products VoIPmonitor 24.60 How to RCE...
Cross Site Scripting (XSS) in VoIPmonitor GUI version 24.55
In VoIPmonitor VoIPmonitor GUI version 24.55 a Cross Site Scripting XSS exists in the VoIPmonitor GUI that can be attacked via SIP resulting in Privilege escalation...
Buffer Overflow in VoIPmonitor sniffer version 27.5
In VoIPmonitor VoIPmonitor sniffer version 27.5 a Buffer Overflow exists in the live sniffer feature that can be attacked via SIP resulting in RCE, DoS...
GSD-2021-1000004 Cross Site Scripting (XSS) in VoIPmonitor GUI version 24.55
In VoIPmonitor VoIPmonitor GUI version 24.55 a Cross Site Scripting XSS exists in the VoIPmonitor GUI that can be attacked via SIP resulting in Privilege escalation...
GSD-2021-1000005 Buffer Overflow in VoIPmonitor sniffer version 27.5
In VoIPmonitor VoIPmonitor sniffer version 27.5 a Buffer Overflow exists in the live sniffer feature that can be attacked via SIP resulting in RCE, DoS...
CVE-2021-30461
A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value which might contain PHP code is injected into config/configuration.php...
CVE-2021-30461
A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value which might contain PHP code is injected into config/configuration.php...
Remote code execution
A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value which might contain PHP code is injected into config/configuration.php...
CVE-2021-30461
VoIPmonitor is affected by CVE-2021-30461 prior to version 24.61, where the web UI accepts a user-supplied SPOOLDIR value that can inject PHP code into config/configuration.php, enabling remote code execution. The issue is exploitable by unauthenticated remote attackers via the web interface and ...
CVE-2021-30461
A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value which might contain PHP code is injected into config/configuration.php...
VoIPmonitor 代码注入漏洞
VoIPmonitor is an open source network packet sniffer with a commercial front-end for SIP RTP and RTCP VoIP protocols running on Linux. VoIPmonitor suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...
Exploit for Code Injection in Voipmonitor
Impacted Products VoIPmonitor 24.60 How to RCE...
Command Execution Vulnerability in VoIPmonitor
VoIPmonitor is an open source network packet sniffer with a commercial front-end for SIP RTP and RTCP VoIP protocols running on Linux. VoIPmonitor suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...
VoIPMonitor未授权远程代码执行漏洞(CVE-2021-30461)
SSD Advisory – VoIPmonitor UnAuth RCE May 6, 2021 SSD Disclosure / Technical Lead Uncategorized TL;DR Find out how a vulnerability in VoIPmonitor allows an unauthenticated attacker to execute arbitrary code. Vulnerability Summary VoIPmonitor is “open source network packet sniffer with commercial...
Exploit for Code Injection in Voipmonitor
CVE-2021-30461 VOIP RCE Technical details https://ssd-disclos...
VoIPmonitor 27.5 Missing Memory Protections Exploit
Static binaries provided for VoIPmonitor version2 7.5 are built without any memory corruption protection in place. VoIPmonitor static builds are compiled without any standard memory corruption protection - Fixed versions: N/A - Enable Security Advisory:...
VoIPmonitor 27.6 Buffer Overflow Exploit
A buffer overflow was identified in the VoIPmonitor live sniffer feature. The description variable in the function savepacketsql is defined as a fixed length array of 1024 characters. The description is set to the value of a SIP request or response line. By setting a long request or response line...