Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:30 a.m.12 views

CVE-2022-48482

3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs...

7.5CVSS7AI score0.01822EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/02 12:0 a.m.5 views

CVE-2022-48482

3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs...

7.5AI score0.01822EPSS
Exploits0References2
CVE
CVE
added 2023/05/02 12:0 a.m.208 views

CVE-2022-48482

CVE-2022-48482 affects 3CX Phone System on Windows prior to 18 Update 2 Security Hotfix 18.0.2.315. The issue is a directory traversal vulnerability in the /Electron/download interface that allows unauthenticated remote readers to access files (including credentials, backups, call recordings, and...

7.5CVSS8.6AI score0.01822EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/05/06 3:15 p.m.27 views

CVE-2022-28005

An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server via /Electron/download directory traversal in conjunction with a path component that uses...

9.8CVSS0.0613EPSS
Exploits0References4
Prion
Prion
added 2022/05/06 3:15 p.m.18 views

Directory traversal

An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server via /Electron/download directory traversal in conjunction with a path component that uses...

5CVSS8.3AI score0.0613EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/05/06 12:0 a.m.40 views

CVE-2022-28005

An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server via /Electron/download directory traversal in conjunction with a path component that uses...

8.9AI score0.0613EPSS
Exploits0References4
Rows per page
Query Builder