EUVD-2013-6640

Malware in sbrugna...

CCSP 7.2.5 API XML Injection / Server-Side Request Forgery

!-- Exploit Title: Enghouse Interactive´s CCSP 7.2.5 API XXE and SSRF vulnerability via unauthenticated GET Request Date: 05-08-2018 Exploit Author: David Herrero Vendor Homepage: https://www.enghouseinteractive.com Software Link:...

CVE-2013-6838

An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro VIP2000 9.0.3 rel903, when using OpenVZ and fallback customization, uses the same SSH private key across different customers' installations, which allows remote attackers to gain privileges b...

Design/Logic Flaw

An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro VIP2000 9.0.3 rel903, when using OpenVZ and fallback customization, uses the same SSH private key across different customers' installations, which allows remote attackers to gain privileges b...

CVE-2013-6838

An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro VIP2000 9.0.3 rel903, when using OpenVZ and fallback customization, uses the same SSH private key across different customers' installations, which allows remote attackers to gain privileges b...

CVE-2013-6838

CVE-2013-6838 affects Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903) when using OpenVZ with fallback customization. The vulnerability stems from using the same SSH private key across different customer installations, enabling remote attackers to gain privileges; advisories (XPD-2013-001) d...

Enghouse Interactive IVR Pro (VIP2000) Remote Root

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 XPD - XPD Advisory https://xpd.se Enghouse Interactive IVR Pro VIP2000 remote root authentication bypass Vulnerability Advisory ID: XPD-2013-001 CVE reference: CVE-2013-6838 Affected platforms: IVR Pro/Contact Center VIP2000 platforms with OpenVZ an...