Lucene search
K

6 matches found

NVD
NVD
added 2022/06/07 6:15 p.m.23 views

CVE-2019-9971

PhoneSystem Terminal in 3CX Phone System Debian based installation 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z aka postrotate-command option to tcpdump can be unsafe when used in conjunction with sud...

9CVSS0.01565EPSS
Exploits1References3
NVD
NVD
added 2022/06/07 6:15 p.m.26 views

CVE-2019-9972

PhoneSystem Terminal in 3CX Phone System Debian based installation 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of " followed by " mishandling...

9CVSS0.01613EPSS
Exploits1References2
Prion
Prion
added 2022/06/07 6:15 p.m.20 views

Command injection

PhoneSystem Terminal in 3CX Phone System Debian based installation 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of " followed by " mishandling...

9CVSS8.6AI score0.01613EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/06/07 6:15 p.m.21 views

Command injection

PhoneSystem Terminal in 3CX Phone System Debian based installation 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z aka postrotate-command option to tcpdump can be unsafe when used in conjunction with sud...

9CVSS8.7AI score0.01565EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/06/07 5:57 p.m.24 views

CVE-2019-9972

PhoneSystem Terminal in 3CX Phone System Debian based installation 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of " followed by " mishandling...

8.7AI score0.01613EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/06/07 5:56 p.m.22 views

CVE-2019-9971

PhoneSystem Terminal in 3CX Phone System Debian based installation 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z aka postrotate-command option to tcpdump can be unsafe when used in conjunction with sud...

8.8AI score0.01565EPSS
Exploits1References3
Rows per page
Query Builder