9 matches found
Issabel Authenticated - Remote Code Execution
A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...
CVE-2025-47780 cli_permissions.conf: deny option does not work for disallowing shell commands
Asterisk is an open-source private branch exchange PBX. Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, trying to disallow shell commands to be run via the Asterisk command line interface CLI by configuring...
CVE-2024-0986
A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...
Command injection
A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...
CVE-2024-0986 Issabel PBX Asterisk-Cli os command injection
A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...
CVE-2024-0986 Issabel PBX Asterisk-Cli os command injection
A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...
CVE-2024-0986
CVE-2024-0986 affects Issabel PBX 4.0.0 through the Asterisk-Cli component. The vulnerability arises from improper handling of the Command argument in /index.php?menu=asterisk_cli, enabling OS command injection. Multiple connected sources describe this as an authenticated remote command execution...
Issabel PBX Operating System Command Injection Vulnerability
Issabel PBX is a software application. A free and open source software that allows you to build communication tools for your organization. An OS command injection vulnerability exists in Issabel PBX version 4.0.0, which stems from the inclusion of some unknown processing in the component...
PT-2024-15962 · Unknown · Asterisk-Cli +1
Name of the Vulnerable Software and Affected Versions: Issabel PBX version 4.0.0 Description: A critical issue affects the processing of the file /index.php?menu=asterisk cli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be...