Lucene search
K

4 matches found

0day.today
0day.today
added 2020/05/07 12:0 a.m.64 views

TrixBox CE 2.8.0.4 Command Execution Exploit

This Metasploit module exploits an authenticated OS command injection vulnerability found in Trixbox CE versions 1.2.0 through 2.8.0.4 inclusive in the network POST parameter of the /maint/modules/endpointcfg/endpointdevicemap.php page. Successful exploitation allows for arbitrary command executi...

9CVSS9.2AI score0.65208EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/05/05 12:0 a.m.172 views

TrixBox CE 2.8.0.4 Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TrixBox CE endpointdevicemap.php Authenticated Command Execution', 'Description' = %q This module exploits an authenticated OS command injection...

9CVSS0.2AI score0.65208EPSS
Exploits4
Circl
Circl
added 2020/05/04 9:23 p.m.18 views

CVE-2020-7351

creationtimestamp| type| source ---|---|--- 2020-05-04 21:23:04+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/trixboxceendpointdevicemaprce.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:30+00:0...

9CVSS8.6AI score0.65208EPSS
Exploits4References1
CVE
CVE
added 2020/05/01 3:50 p.m.208 views

CVE-2020-7351

CVE-2020-7351 describes an authenticated OS command injection in Fonality Trixbox Community Edition, affecting the endpoint_devicemap.php component. The vulnerability allows execution of arbitrary OS commands as the user asterisk via the network POST parameter in /maint/modules/endpointcfg/endpoi...

9CVSS8.3AI score0.65208EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder