CVE-2020-7351 - OpenCVE

An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Netfortris	Trixbox

Configuration 1 [-]

cpe:2.3:a:netfortris:trixbox:*:*:*:*:community:*:*:*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html
https://github.com/rapid7/metasploit-framework/pull/13353

History

No history.

MITRE

Status: PUBLISHED

Assigner: rapid7

Published: 2020-05-01T15:50:13.910425Z

Updated: 2024-09-16T22:55:46.483Z

Reserved: 2020-01-21T00:00:00

Link: CVE-2020-7351

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-05-01T16:15:12.840

Modified: 2022-04-18T09:37:06.087

Link: CVE-2020-7351

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Trixbox Community Edition", "vendor": "Fonality", "versions": [{"status": "unaffected", "version": "1.0"}, {"status": "unaffected", "version": "1.1"}, {"lessThanOrEqual": "2.8.0.4", "status": "affected", "version": "2.8.0.4", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "This issue was discovered and reported by Anastasios Stasinopoulos."}], "datePublic": "2020-04-28T00:00:00", "descriptions": [{"lang": "en", "value": "An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the \"asterisk\" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected."}], "exploits": [{"lang": "en", "value": "An exploit is available at https://github.com/rapid7/metasploit-framework/pull/13353"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 OS Command Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-05-05T22:06:04", "orgId": "9974b330-7714-4307-a722-5648477acda7", "shortName": "rapid7"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/rapid7/metasploit-framework/pull/13353"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html"}], "source": {"discovery": "EXTERNAL"}, "title": "Fonality Trixbox CE Post-Authentication Command Injection", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "", "ASSIGNER": "cve@rapid7.com", "DATE_PUBLIC": "2020-04-28T14:27:00.000Z", "ID": "CVE-2020-7351", "STATE": "PUBLIC", "TITLE": "Fonality Trixbox CE Post-Authentication Command Injection"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Trixbox Community Edition", "version": {"version_data": [{"platform": "", "version_affected": "<=", "version_name": "2.8.0.4", "version_value": "2.8.0.4"}, {"platform": "", "version_affected": "!", "version_name": "1.0", "version_value": "1.0"}, {"platform": "", "version_affected": "!", "version_name": "1.1", "version_value": "1.1"}]}}]}, "vendor_name": "Fonality"}]}}, "configuration": [], "credit": [{"lang": "eng", "value": "This issue was discovered and reported by Anastasios Stasinopoulos."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the \"asterisk\" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected."}]}, "exploit": [{"lang": "en", "value": "An exploit is available at https://github.com/rapid7/metasploit-framework/pull/13353"}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-78 OS Command Injection"}]}]}, "references": {"reference_data": [{"name": "https://github.com/rapid7/metasploit-framework/pull/13353", "refsource": "MISC", "url": "https://github.com/rapid7/metasploit-framework/pull/13353"}, {"name": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html"}]}, "solution": [], "source": {"advisory": "", "defect": [], "discovery": "EXTERNAL"}, "work_around": []}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:25:49.041Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/rapid7/metasploit-framework/pull/13353"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html"}]}]}, "cveMetadata": {"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7", "assignerShortName": "rapid7", "cveId": "CVE-2020-7351", "datePublished": "2020-05-01T15:50:13.910425Z", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2024-09-16T22:55:46.483Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netfortris:trixbox:*:*:*:*:community:*:*:*", "matchCriteriaId": "3F6F3C89-2CBC-4E44-BB9B-B20DE2430BB1", "versionEndIncluding": "2.8.0.4", "versionStartIncluding": "1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the \"asterisk\" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected."}, {"lang": "es", "value": "Una vulnerabilidad de Inyecci\u00f3n de Comandos del Sistema Operativo en el componente endpoint_devicemap.php de Fonality Trixbox Community Edition, permite a un atacante ejecutar comandos en el sistema operativo subyacente como el usuario \"asterisk\". Tome en cuenta que Trixbox Community Edition hab\u00eda sido incompatible por el proveedor desde 2012. Este problema afecta a: Fonality Trixbox Community Edition, versiones 1.2.0 hasta 2.8.0.4. Las versiones 1.0 y 1.1 no est\u00e1n afectadas."}], "id": "CVE-2020-7351", "lastModified": "2022-04-18T09:37:06.087", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.2, "source": "cve@rapid7.com", "type": "Secondary"}]}, "published": "2020-05-01T16:15:12.840", "references": [{"source": "cve@rapid7.com", "tags": ["Exploit", "Third Party Advisory"], "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html"}, {"source": "cve@rapid7.com", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/rapid7/metasploit-framework/pull/13353"}], "sourceIdentifier": "cve@rapid7.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "cve@rapid7.com", "type": "Secondary"}]}