CVE-2020-7351 - Vulnerability Details - OpenCVE

Description

An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected.

Published: 2020-05-01

Score: 7.3 High

EPSS: 67.8% High

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Fonality

Trixbox Community Edition

affected

Version	Status	Constraints
`1.0`	unaffected	—
`1.1`	unaffected	—
`2.8.0.4`	affected	≤ 2.8.0.4

Configuration 1 [-]

cpe:2.3:a:netfortris:trixbox:*:*:*:*:community:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.67754.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html
https://github.com/rapid7/metasploit-framework/pull/13353

History

No history.

Subscriptions

Netfortris Trixbox

MITRE

Status: PUBLISHED

Assigner: rapid7

Published: 2020-05-01T15:50:13.910Z

Updated: 2024-09-16T22:55:46.483Z

Reserved: 2020-01-21T00:00:00.000Z

Link: CVE-2020-7351

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-05-01T16:15:12.840

Modified: 2024-11-21T05:37:05.940

Link: CVE-2020-7351

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-78

{"containers": {"cna": {"affected": [{"product": "Trixbox Community Edition", "vendor": "Fonality", "versions": [{"status": "unaffected", "version": "1.0"}, {"status": "unaffected", "version": "1.1"}, {"lessThanOrEqual": "2.8.0.4", "status": "affected", "version": "2.8.0.4", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "This issue was discovered and reported by Anastasios Stasinopoulos."}], "datePublic": "2020-04-28T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the \"asterisk\" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected."}], "exploits": [{"lang": "en", "value": "An exploit is available at https://github.com/rapid7/metasploit-framework/pull/13353"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 OS Command Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-05-05T22:06:04.000Z", "orgId": "9974b330-7714-4307-a722-5648477acda7", "shortName": "rapid7"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/rapid7/metasploit-framework/pull/13353"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html"}], "source": {"discovery": "EXTERNAL"}, "title": "Fonality Trixbox CE Post-Authentication Command Injection", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "", "ASSIGNER": "cve@rapid7.com", "DATE_PUBLIC": "2020-04-28T14:27:00.000Z", "ID": "CVE-2020-7351", "STATE": "PUBLIC", "TITLE": "Fonality Trixbox CE Post-Authentication Command Injection"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Trixbox Community Edition", "version": {"version_data": [{"platform": "", "version_affected": "<=", "version_name": "2.8.0.4", "version_value": "2.8.0.4"}, {"platform": "", "version_affected": "!", "version_name": "1.0", "version_value": "1.0"}, {"platform": "", "version_affected": "!", "version_name": "1.1", "version_value": "1.1"}]}}]}, "vendor_name": "Fonality"}]}}, "configuration": [], "credit": [{"lang": "eng", "value": "This issue was discovered and reported by Anastasios Stasinopoulos."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the \"asterisk\" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected."}]}, "exploit": [{"lang": "en", "value": "An exploit is available at https://github.com/rapid7/metasploit-framework/pull/13353"}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-78 OS Command Injection"}]}]}, "references": {"reference_data": [{"name": "https://github.com/rapid7/metasploit-framework/pull/13353", "refsource": "MISC", "url": "https://github.com/rapid7/metasploit-framework/pull/13353"}, {"name": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html"}]}, "solution": [], "source": {"advisory": "", "defect": [], "discovery": "EXTERNAL"}, "work_around": []}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:25:49.041Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/rapid7/metasploit-framework/pull/13353"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html"}]}]}, "cveMetadata": {"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7", "assignerShortName": "rapid7", "cveId": "CVE-2020-7351", "datePublished": "2020-05-01T15:50:13.910Z", "dateReserved": "2020-01-21T00:00:00.000Z", "dateUpdated": "2024-09-16T22:55:46.483Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netfortris:trixbox:*:*:*:*:community:*:*:*", "matchCriteriaId": "3F6F3C89-2CBC-4E44-BB9B-B20DE2430BB1", "versionEndIncluding": "2.8.0.4", "versionStartIncluding": "1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the \"asterisk\" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected."}, {"lang": "es", "value": "Una vulnerabilidad de Inyecci\u00f3n de Comandos del Sistema Operativo en el componente endpoint_devicemap.php de Fonality Trixbox Community Edition, permite a un atacante ejecutar comandos en el sistema operativo subyacente como el usuario \"asterisk\". Tome en cuenta que Trixbox Community Edition hab\u00eda sido incompatible por el proveedor desde 2012. Este problema afecta a: Fonality Trixbox Community Edition, versiones 1.2.0 hasta 2.8.0.4. Las versiones 1.0 y 1.1 no est\u00e1n afectadas."}], "id": "CVE-2020-7351", "lastModified": "2024-11-21T05:37:05.940", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.2, "source": "cve@rapid7.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-05-01T16:15:12.840", "references": [{"source": "cve@rapid7.com", "tags": ["Exploit", "Third Party Advisory"], "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html"}, {"source": "cve@rapid7.com", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/rapid7/metasploit-framework/pull/13353"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/rapid7/metasploit-framework/pull/13353"}], "sourceIdentifier": "cve@rapid7.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "cve@rapid7.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}