3cx Security Vulnerabilities and Issues — 3cx CVE List

Lucene search

3cx3cx

12 matches found

CVE•added 2023/03/30 5:15 p.m.•283 views

CVE-2023-29059

3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX Desktop...

7.8CVSS7.7AI score0.00305EPSS

CVE•added 2023/05/02 5:15 a.m.•176 views

CVE-2022-48483

3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive letter and uses backslash characters. NOTE: this issue exists because of an inc...

7.5CVSS8.7AI score0.04808EPSS

CVE•added 2023/05/02 5:15 a.m.•173 views

CVE-2022-48482

3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs.

7.5CVSS8.6AI score0.00583EPSS

CVE•added 2022/05/06 3:15 p.m.•108 views

CVE-2022-28005

An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server (via /Electron/download directory traversal in conjunction with a path component that uses backsl...

9.8CVSS8.2AI score0.04808EPSS

CVE•added 2019/08/12 12:15 a.m.•104 views

CVE-2019-14935

3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link.

7.8CVSS7.8AI score0.00035EPSS

CVE•added 2022/03/28 2:15 a.m.•97 views

CVE-2021-45491

3CX System through 2022-03-17 stores cleartext passwords in a database.

6.5CVSS6.4AI score0.00115EPSS

CVE•added 2024/05/03 2:15 a.m.•70 views

CVE-2023-27362

3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerabil...

7CVSS7.1AI score0.00151EPSS

CVE•added 2022/03/28 2:15 a.m.•69 views

CVE-2021-45490

The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for Android through 2022-03-17 lack SSL certificate validation.

9.1CVSS8.9AI score0.00129EPSS

CVE•added 2017/10/18 6:29 p.m.•62 views

CVE-2017-15359

In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to a...

6.5CVSS6.2AI score0.06863EPSS

CVE•added 2019/08/08 2:15 p.m.•41 views

CVE-2019-13176

An issue was discovered in the 3CX Phone system (web) management console 12.5.44178.1002 through 12.5 SP2. The Content.MainForm.wgx component is affected by XXE via a crafted XML document in POST data. There is potential to use this for SSRF (reading local files, outbound HTTP, and outbound DNS).

7.5CVSS7.3AI score0.00371EPSS

CVE•added 2023/12/25 8:15 a.m.•38 views

CVE-2023-49954

The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address.

9.8CVSS9.7AI score0.0068EPSS

CVE•added 2018/03/04 1:29 a.m.•35 views

CVE-2018-7654

On 3CX 15.5.6354.2 devices, the parameter "file" in the request "/api/RecordingList/download?file=" allows full access to files on the server via path traversal.

6.5CVSS6.4AI score0.00405EPSS