Lucene search
+L

5 matches found

NVD
NVD
added 2023/04/04 1:15 p.m.27 views

CVE-2023-25356

CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leverage...

8.8CVSS8.9AI score0.02145EPSS
Exploits3References1
CVE
CVE
added 2023/04/04 12:0 a.m.106 views

CVE-2023-25356

CVE-2023-25356 affects CoreDial sipXcom up to and including 21.04. The issue is Improper Neutralization of Argument Delimiters in a Command via XMPP, allowing injection of arbitrary arguments into a system command, enabling reading and writing files on the sipXcom server and potentially remote co...

8.8CVSS8.8AI score0.02145EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2023/04/04 12:0 a.m.61 views

CVE-2023-25356

CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leverage...

9.1AI score0.02145EPSS
Exploits3References1
0day.today
0day.today
added 2023/03/07 12:0 a.m.627 views

CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissionsundefined Exploit

CoreDial sipXcom sipXopenfire versions 21.04 and below suffer from XMPP message system command argument injection and insecure service file permissions that when chained together gives root. ¯¯¯¯¯¯¯/ ༼ つ ◕◕ ༽つ ง'̀-'́ง ╯°□°)╯︵ ┻━┻ ヽ´ー`ノ /¯¯...

8.8CVSS9AI score0.02501EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/03/07 12:0 a.m.619 views

CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissions

¯¯¯¯¯¯¯/ ༼ つ ◕◕ ༽つ ง'̀-'́ง ╯°□°)╯︵ ┻━┻ ヽ´ー`ノ /¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Product: sipXcom sipXopenfire Vendor: CoreDial Name: "sipXcom sipXopenfire XMPP message system command argument injection and insecure service file permissions RCE" Version:...

9AI score0.02501EPSS
Exploits4
Rows per page
Query Builder