Unspecified Vulnerability in Liberty lisPBX

Common Lisp Lispbox is Common Lisp open source an IDE. A security vulnerability exists in Liberty lisPBX version 2.0-4, which can be exploited by an attacker to remotely retrieve configuration backup files from /backup/lispbx-CONF-YYYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without...

CVE-2019-15059

In Liberty lisPBX 2.0-4, configuration backup files can be retrieved remotely from /backup/lispbx-CONF-YYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without authentication or authorization. These configuration files have all PBX information including extension numbers, contacts, and passwor...

Authorization

In Liberty lisPBX 2.0-4, configuration backup files can be retrieved remotely from /backup/lispbx-CONF-YYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without authentication or authorization. These configuration files have all PBX information including extension numbers, contacts, and passwor...

CVE-2019-15059

Summary: CVE-2019-15059 affects Liberty lisPBX 2.0-4. Remote backups (/backup/lispbx-CONF-YYYY-MM-DD.tar, /backup/lispbx-CDR-YYYY-MM-DD.tar) can be retrieved without authentication, exposing PBX data including extension numbers, contacts, and passwords. Impact (as stated): Unauthorized access to ...

CVE-2019-15059

In Liberty lisPBX 2.0-4, configuration backup files can be retrieved remotely from /backup/lispbx-CONF-YYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without authentication or authorization. These configuration files have all PBX information including extension numbers, contacts, and passwor...

Liberty lisPBX 安全漏洞

Common Lisp Lispbox is Common Lisp open source an IDE. A security vulnerability exists in Liberty lisPBX version 2.0-4, which can be exploited by an attacker to remotely retrieve configuration backup files from /backup/lispbx-CONF-YYYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without...