Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5 matches found

BDU FSTEC
BDU FSTECadded 2023/04/13 12:0 a.m.4 views

The vulnerability of the /etc/init.d/openfire file in the PBX server of the corporate IP telephony management system CoreDial sipXcom sipXopenfire allows a attacker to escalate their privileges or execute arbitrary commands.

The vulnerability of the /etc/init.d/openfire file in the CoreDial sipXcom sipXopenfire server of the corporate IP-telephony management system is related to improper privilege assignment. Exploiting this vulnerability could allow an attacker to enhance their privileges or execute arbitrary comman...

9CVSS7.9AI score0.02501EPSS
Exploits3References3Affected Software1
BDU FSTEC
BDU FSTECadded 2023/04/13 12:0 a.m.6 views

Vulnerability of the initializePlugin function in the sipXopenfire\presence-plugin\src\org\sipfoundry\openfire\plugin\presence\SipXOpenfirePlugin.java file. The PBX server of the corporate IP telephony management system CoreDial sipXcom sipXopenfire allows intruders to escalate their privileges or execute arbitrary commands.

The vulnerability lies in the function initializePlugin of the sipXopenfire\presence-plugin\src\org\sipfoundry\openfire\plugin\presence\SipXOpenfirePlugin.java file. In the PBX server of the corporate IP telephony management system, CoreDial sipXcom sipXopenfire relies on the implementation or...

9CVSS7.9AI score0.02145EPSS
Exploits3References3Affected Software1
CNNVD
CNNVDadded 2023/03/08 12:0 a.m.7 views

CoreDial sipXcom sipXopenfire 操作系统命令注入漏洞

CoreDial sipXcom sipXopenfire is a telecommunications application from CoreDial, Inc. An operating system command injection vulnerability exists in CoreDial sipXcom sipXopenfire version 21.04 and earlier, which stems from weak file permissions and can be exploited by an attacker to execute comman...

8.8CVSS8.1AI score0.02501EPSS
Exploits3References3
CNNVD
CNNVDadded 2023/03/08 12:0 a.m.6 views

CoreDial sipXcom sipXopenfire 参数注入漏洞

CoreDial sipXcom sipXopenfire is a telecommunications application from CoreDial, Inc. A parameter injection vulnerability exists in CoreDial sipXcom sipXopenfire version 21.04 and earlier, which stems from the presence of operating system command parameter injection that can be exploited by an...

8.8CVSS8.2AI score0.02145EPSS
Exploits3References3
Packet Storm
Packet Stormadded 2023/03/07 12:0 a.m.612 views

CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissions

¯¯¯¯¯¯¯/ ༼ つ ◕◕ ༽つ ง'̀-'́ง ╯°□°)╯︵ ┻━┻ ヽ´ー`ノ /¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Product: sipXcom sipXopenfire Vendor: CoreDial Name: "sipXcom sipXopenfire XMPP message system command argument injection and insecure service file permissions RCE" Version:...

9AI score0.02501EPSS
Exploits4
Rows per page
Query Builder