2 matches found
CVE-2021-45966
An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /services/apply in exd.pl allows remote attackers to execute arbitrary code via shell metacharacters...
CVE-2021-45966
Pascom Cloud Phone System prior to 7.20.x contains a remote code execution flaw in the management REST API: /services/apply in exd.pl does not properly filter shell metacharacters, enabling an attacker to run arbitrary code. Affected component is the /services/apply endpoint of the exd.pl script;...