Lucene search
+L

5 matches found

NVD
NVD
added 2023/04/04 1:15 p.m.27 views

CVE-2023-25356

CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leverage...

8.8CVSS8.9AI score0.02145EPSS
Exploits3References1
CVE
CVE
added 2023/04/04 12:0 a.m.106 views

CVE-2023-25356

CVE-2023-25356 affects CoreDial sipXcom up to and including 21.04. The issue is Improper Neutralization of Argument Delimiters in a Command via XMPP, allowing injection of arbitrary arguments into a system command, enabling reading and writing files on the sipXcom server and potentially remote co...

8.8CVSS8.8AI score0.02145EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2023/04/04 12:0 a.m.61 views

CVE-2023-25356

CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leverage...

9.1AI score0.02145EPSS
Exploits3References1
Packet Storm
Packet Storm
added 2023/03/07 12:0 a.m.619 views

CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissions

¯¯¯¯¯¯¯/ ༼ つ ◕◕ ༽つ ง'̀-'́ง ╯°□°)╯︵ ┻━┻ ヽ´ー`ノ /¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Product: sipXcom sipXopenfire Vendor: CoreDial Name: "sipXcom sipXopenfire XMPP message system command argument injection and insecure service file permissions RCE" Version:...

9AI score0.02501EPSS
Exploits4
0day.today
0day.today
added 2023/03/07 12:0 a.m.626 views

CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissionsundefined Exploit

CoreDial sipXcom sipXopenfire versions 21.04 and below suffer from XMPP message system command argument injection and insecure service file permissions that when chained together gives root. ¯¯¯¯¯¯¯/ ༼ つ ◕◕ ༽つ ง'̀-'́ง ╯°□°)╯︵ ┻━┻ ヽ´ー`ノ /¯¯...

8.8CVSS9AI score0.02501EPSS
Exploits4
Rows per page
Query Builder