Lucene search
K

64 matches found

CNNVD
CNNVD
added 2022/02/04 12:0 a.m.5 views

VoIPmonitor SQL注入漏洞

VoIPmonitor is an open source network packet sniffer from the VoIPmonitor team. Has a commercial front-end for the SIP RTP RTCP SKINNYSCCP MGCP WebRTC VoIP protocol running on Linux. Voipmonitor suffers from a SQL injection vulnerability that stems from a SQL injection vulnerability in the...

10CVSS8.8AI score0.50926EPSS
Exploits1References3
Check Point Advisories
Check Point Advisories
added 2021/08/02 12:0 a.m.6 views

VoIPmonitor Remote Code Execution (CVE-2021-30461)

A remote code execution vulnerability exists in VoIPmonitor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.5AI score0.36632EPSS
Exploits5
BDU FSTEC
BDU FSTEC
added 2021/08/02 12:0 a.m.3 views

The vulnerability of the config/configuration.php component of the VoIPmonitor traffic analyzer allows a attacker to execute arbitrary PHP code.

The vulnerability of the config/configuration.php component of the VoIPmonitor traffic analyzer is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary PHP code...

10CVSS8.2AI score0.36632EPSS
Exploits5References5Affected Software1
GithubExploit
GithubExploit
added 2021/07/14 7:20 p.m.89 views

Exploit for Code Injection in Voipmonitor

Impacted Products VoIPmonitor 24.60 How to RCE...

9.8CVSS9.4AI score0.36632EPSS
Exploits5
OSV
OSV
added 2021/05/31 3:39 p.m.8 views

Cross Site Scripting (XSS) in VoIPmonitor GUI version 24.55

In VoIPmonitor VoIPmonitor GUI version 24.55 a Cross Site Scripting XSS exists in the VoIPmonitor GUI that can be attacked via SIP resulting in Privilege escalation...

4.4AI score
Exploits0References2
OSV
OSV
added 2021/05/31 3:39 p.m.10 views

Buffer Overflow in VoIPmonitor sniffer version 27.5

In VoIPmonitor VoIPmonitor sniffer version 27.5 a Buffer Overflow exists in the live sniffer feature that can be attacked via SIP resulting in RCE, DoS...

5.1AI score
Exploits0References3
OSV
OSV
added 2021/05/31 3:39 p.m.9 views

GSD-2021-1000004 Cross Site Scripting (XSS) in VoIPmonitor GUI version 24.55

In VoIPmonitor VoIPmonitor GUI version 24.55 a Cross Site Scripting XSS exists in the VoIPmonitor GUI that can be attacked via SIP resulting in Privilege escalation...

6.3AI score
Exploits0References2
OSV
OSV
added 2021/05/31 3:39 p.m.10 views

GSD-2021-1000005 Buffer Overflow in VoIPmonitor sniffer version 27.5

In VoIPmonitor VoIPmonitor sniffer version 27.5 a Buffer Overflow exists in the live sniffer feature that can be attacked via SIP resulting in RCE, DoS...

7.1AI score
Exploits0References3
NVD
NVD
added 2021/05/29 2:15 p.m.19 views

CVE-2021-30461

A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value which might contain PHP code is injected into config/configuration.php...

9.8CVSS0.36632EPSS
Exploits5References1
OSV
OSV
added 2021/05/29 2:15 p.m.4 views

CVE-2021-30461

A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value which might contain PHP code is injected into config/configuration.php...

9.8CVSS7.8AI score0.36632EPSS
Exploits5References1
Prion
Prion
added 2021/05/29 2:15 p.m.19 views

Remote code execution

A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value which might contain PHP code is injected into config/configuration.php...

7.5CVSS9.8AI score0.36632EPSS
Exploits5References1Affected Software1
CVE
CVE
added 2021/05/29 1:2 p.m.130 views

CVE-2021-30461

VoIPmonitor is affected by CVE-2021-30461 prior to version 24.61, where the web UI accepts a user-supplied SPOOLDIR value that can inject PHP code into config/configuration.php, enabling remote code execution. The issue is exploitable by unauthenticated remote attackers via the web interface and ...

9.8CVSS9.7AI score0.36632EPSS
In wildExploits5References1Affected Software1
Cvelist
Cvelist
added 2021/05/29 1:2 p.m.31 views

CVE-2021-30461

A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value which might contain PHP code is injected into config/configuration.php...

10AI score0.36632EPSS
Exploits5References1
CNNVD
CNNVD
added 2021/05/29 12:0 a.m.4 views

VoIPmonitor 代码注入漏洞

VoIPmonitor is an open source network packet sniffer with a commercial front-end for SIP RTP and RTCP VoIP protocols running on Linux. VoIPmonitor suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...

9.8CVSS5.9AI score0.36632EPSS
Exploits5References1
GithubExploit
GithubExploit
added 2021/05/11 4:9 a.m.101 views

Exploit for Code Injection in Voipmonitor

Impacted Products VoIPmonitor 24.60 How to RCE...

9.8CVSS9.4AI score0.36632EPSS
Exploits5
CNVD
CNVD
added 2021/05/08 12:0 a.m.7 views

Command Execution Vulnerability in VoIPmonitor

VoIPmonitor is an open source network packet sniffer with a commercial front-end for SIP RTP and RTCP VoIP protocols running on Linux. VoIPmonitor suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...

9.8CVSS7.2AI score0.36632EPSS
Exploits5
seebug.org
seebug.org
added 2021/05/08 12:0 a.m.54 views

VoIPMonitor未授权远程代码执行漏洞(CVE-2021-30461)

SSD Advisory – VoIPmonitor UnAuth RCE May 6, 2021 SSD Disclosure / Technical Lead Uncategorized TL;DR Find out how a vulnerability in VoIPmonitor allows an unauthenticated attacker to execute arbitrary code. Vulnerability Summary VoIPmonitor is “open source network packet sniffer with commercial...

7.5CVSS0.3AI score0.36632EPSS
Exploits5
GithubExploit
GithubExploit
added 2021/05/07 9:22 a.m.78 views

Exploit for Code Injection in Voipmonitor

CVE-2021-30461 VOIP RCE Technical details https://ssd-disclos...

9.8CVSS9.3AI score0.36632EPSS
Exploits5
0day.today
0day.today
added 2021/03/16 12:0 a.m.33 views

VoIPmonitor 27.5 Missing Memory Protections Exploit

Static binaries provided for VoIPmonitor version2 7.5 are built without any memory corruption protection in place. VoIPmonitor static builds are compiled without any standard memory corruption protection - Fixed versions: N/A - Enable Security Advisory:...

0.3AI score
Exploits0
0day.today
0day.today
added 2021/03/16 12:0 a.m.70 views

VoIPmonitor 27.6 Buffer Overflow Exploit

A buffer overflow was identified in the VoIPmonitor live sniffer feature. The description variable in the function savepacketsql is defined as a fixed length array of 1024 characters. The description is set to the value of a SIP request or response line. By setting a long request or response line...

7.8AI score
Exploits0
Rows per page
Query Builder