| |
Vulnerability CVE-2023-25355
Published: 2023-04-04
Description: |
CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`. |
See advisories in our WLB2 database: | Topic | Author | Date |
High |
| Systems Research... | 08.03.2023 |
Type:
CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
)
References: |
https://seclists.org/fulldisclosure/2023/Mar/5
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|