Filtered by vendor Coredial
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25356 | 1 Coredial | 1 Sipxcom | 2024-08-02 | 8.8 High |
| CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leveraged to gain remote command execution. | ||||
| CVE-2023-25355 | 1 Coredial | 1 Sipxcom | 2024-08-02 | 8.8 High |
| CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`. | ||||
Page 1 of 1.