8 matches found
CVE-2013-7382
VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the 1 VDAD and 2 VDCL users, which makes it easier for remote attackers to obtain access...
EUVD-2013-7148
Malware in sbrugna...
Hardcoded credentials
VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the 1 VDAD and 2 VDCL users, which makes it easier for remote attackers to obtain access...
CVE-2013-7382
VICIDIAL dialer (Asterisk GUI client) versions 2.8-403a, 2.7, 2.7RC1 and earlier are affected by a hardcoded credential vulnerability. The root cause is a hardcoded password, donotedit, assigned to the VDAD and VDCL user accounts, which could allow remote attackers to gain access. This CVE detail...
CVE-2013-7382
VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the 1 VDAD and 2 VDCL users, which makes it easier for remote attackers to obtain access...
CVE-2013-4468
VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in the extension parameter in an OriginateVDRelogin action to managersend.php...
CVE-2013-4467
Multiple SQL injection vulnerabilities in the agent interface agc/ in VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier allow 1 remote attackers to execute arbitrary SQL commands via the campaign variable in SCRIPTmultirecordingAJAX.php, 2 remote authenticated users to...
CVE-2013-4467
Multiple SQL injection vulnerabilities in the agent interface agc/ in VICIDIAL dialer aka Asterisk GUI client 2.8-403a, 2.7, 2.7RC1, and earlier allow 1 remote attackers to execute arbitrary SQL commands via the campaign variable in SCRIPTmultirecordingAJAX.php, 2 remote authenticated users to...