12 matches found
CVE-2023-29059
CVE-2023-29059 is a supply-chain compromise affecting the 3CX DesktopApp (Windows Electron: 18.12.407/18.12.416; macOS Electron: 18.11.1213/18.12.402/18.12.407/18.12.416). The initial installer drops legitimate 3CX components, then loads a malicious ffmpeg.dll that loads d3dcompiler_47.dll, which...
CVE-2022-48483
3CX on Windows is vulnerable to a directory-traversal on /Electron/download in versions before 18 Hotfix 1 (18.0.3.461), allowing unauthenticated remote reading of %WINDIR%\system32. Root cause: an incomplete fix for CVE-2022-28005. Impact is read access; no exploit details provided. Remediation:...
CVE-2022-48482
CVE-2022-48482 affects 3CX Phone System on Windows prior to 18 Update 2 Security Hotfix 18.0.2.315. The issue is a directory traversal vulnerability in the /Electron/download interface that allows unauthenticated remote readers to access files (including credentials, backups, call recordings, and...
CVE-2022-28005
CVE-2022-28005 affects the 3CX Phone System Management Console prior to version 18 Update 3 FINAL on Windows. It allows an unauthenticated attacker to traverse the server via /Electron/download with backslash-using path components, leading to cleartext credential disclosure; a subsequent authenti...
CVE-2019-14935
3CX Phone 15 (Windows) is affected by insecure permissions in the installation directory "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp": Full Control for Everyone, enabling privilege escalation via a StartUp link. Root cause is improper directory permissions granting high access. Multiple sources ...
CVE-2021-45491
CVE-2021-45491 affects 3CX System up to 2022-03-17, where passwords are stored in cleartext in the database and are exportable via the management interface. The vulnerability stems from storing credentials in an unencrypted form, enabling potential disclosure of user passwords. The public documen...
CVE-2021-45490
The CVE-2021-45490 entry concerns 3CX client software (Windows, iOS, Android) through 2022-03-17 where TLS/SSL certificate validation is not performed. The NVD entry documents this as a vulnerability in the clients’ TLS handling, with CVSS v3.1 base score 9.1 (network attack, no privileges, high ...
CVE-2023-27362
CVE-2023-27362 (3CX) involves a vulnerability in 3CX where the OpenSSL configuration file is loaded from an unsecured location, enabling a local attacker who can run low-privilege code to escalate to SYSTEM and execute arbitrary code. The flaw is tied to the product’s OpenSSL configuration handli...
CVE-2017-15359
CVE-2017-15359 affects 3CX Phone System 15.5.3554.1, where the Management Console (typically listening on port 5001) is vulnerable to directory traversal via /api/RecordingList/DownloadRecord?file= and /api/SupportInfo?file=, requiring authentication to exploit. The vulnerability enables an attac...
CVE-2023-49954
The CVE-2023-49954 issue affects the CRM Integration in 3CX, allowing SQL Injection via a first name, search string, or email address. Affected products/versions are 3CX prior to 18.0.9.23 and 3CX 20 prior to 20.0.0.1494. Root cause: improper handling of SQL queries in the CRM Integration, enabli...
CVE-2019-13176
The CVE-2019-13176 issue affects the 3CX Phone System web management console (versions 12.5.44178.1002 through 12.5 SP2). The vulnerable component is Content.MainForm.wgx, which is susceptible to XML External Entity (XXE) processing when a crafted XML document is placed in POST data. This may ena...
CVE-2018-7654
CVE-2018-7654 affects 3CX devices (reported for version 15.5.6354.2). A path traversal flaw in the file parameter of the request /api/RecordingList/download?file= enables full access to server files. Root cause is a path traversal vulnerability in the download endpoint; detailed exploit status is...