5 matches found
CVE-2022-48482
3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs...
PT-2023-15816 · 3Cx · 3Cx
Name of the Vulnerable Software and Affected Versions: 3CX versions prior to 18 Hotfix 1 build 18.0.3.461 Description: The issue allows unauthenticated remote attackers to read files in the %WINDIR%system32 directory via directory traversal in the /Electron/download endpoint, specifically when...
PT-2023-15815 · 3Cx · 3Cx
Name of the Vulnerable Software and Affected Versions: 3CX versions prior to 18 Update 2 Security Hotfix build 18.0.2.315 Description: The issue allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. These files may contain credentials, full...
3CX 路径遍历漏洞
3CX is an IP PBX an IP-based corporate phone system based on open standards for software that provides complete unified communications. A security vulnerability exists in 3CX that stems from a directory traversal vulnerability in the /Electron/download interface, which allows reading the...
3CX 路径遍历漏洞
3CX is an IP PBX an IP-based corporate phone system based on software open standards that provides complete unified communications. A security vulnerability exists in 3CX that stems from a directory traversal vulnerability in the /Electron/download interface, which allows certain files to be read...