Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

0day.today
0day.todayadded 2020/05/07 12:0 a.m.50 views

TrixBox CE 2.8.0.4 Command Execution Exploit

This Metasploit module exploits an authenticated OS command injection vulnerability found in Trixbox CE versions 1.2.0 through 2.8.0.4 inclusive in the network POST parameter of the /maint/modules/endpointcfg/endpointdevicemap.php page. Successful exploitation allows for arbitrary command executi...

9CVSS9.2AI score0.68858EPSS
Exploits4
CVE
CVEadded 2020/05/01 3:50 p.m.202 views

CVE-2020-7351

CVE-2020-7351 describes an authenticated OS command injection in Fonality Trixbox Community Edition, affecting the endpoint_devicemap.php component. The vulnerability allows execution of arbitrary OS commands as the user asterisk via the network POST parameter in /maint/modules/endpointcfg/endpoi...

9CVSS8.3AI score0.68858EPSS
Exploits4References2Affected Software1
Cvelist
Cvelistadded 2020/05/01 3:50 p.m.27 views

CVE-2020-7351 Fonality Trixbox CE Post-Authentication Command Injection

An OS Command Injection vulnerability in the endpointdevicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012...

7.3CVSS9AI score0.68858EPSS
Exploits4References2
Rows per page
Query Builder