CVE-2018-11518
CVE-2018-11518 describes a phreaking attack on HCL legacy IVR systems that do not use VoIP. The vulnerability arises from handling of audio-frequency signals (DTMF) within a phone call, where an attacker can record the tones and trigger a service activation. The issue is a request-forgery : if th...