CVE-2019-20029
CVE-2019-20029 describes an exploitable privilege-escalation in the WebPro functionality of Aspire-derived NEC PBXes, affecting all versions of SV8100, SV9100, SL1100 and SL2100. A specially crafted HTTP POST can elevate privileges to a higher privileged account, including an undocumented develop...