Vulnerabilities related to Fonality - Trixbox Community Edition
cve-2020-7351
Vulnerability from cvelistv5
Published
2020-05-01 15:50
Modified
2024-09-16 22:55
Severity: 7.3 (HIGH), CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Summary
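An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected. The record's title ("Post-Authentication Command Injection") and its CVSS vector (PR:L, UI:R) indicate that an authenticated, low-privileged session is a precondition. The record's solution and work_around fields are empty, so it lists no vendor fix, which is consistent with the product being unsupported.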
References
| URL | Tags |
|---|---|
| https://github.com/rapid7/metasploit-framework/pull/13353 | x_refsource_MISC |
| http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Fonality | Trixbox Community Edition | Affected: <= 2.8.0.4 (version type: custom). Unaffected: 1.0, 1.1 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:25:49.041Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/rapid7/metasploit-framework/pull/13353" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Trixbox Community Edition", "vendor": "Fonality", "versions": [ { "status": "unaffected", "version": "1.0" }, { "status": "unaffected", "version": "1.1" }, { "lessThanOrEqual": "2.8.0.4", "status": "affected", "version": "2.8.0.4", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "This issue was discovered and reported by Anastasios Stasinopoulos." } ], "datePublic": "2020-04-28T00:00:00", "descriptions": [ { "lang": "en", "value": "An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the \"asterisk\" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected." 
} ], "exploits": [ { "lang": "en", "value": "An exploit is available at https://github.com/rapid7/metasploit-framework/pull/13353" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78 OS Command Injection", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-05-05T22:06:04", "orgId": "9974b330-7714-4307-a722-5648477acda7", "shortName": "rapid7" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/rapid7/metasploit-framework/pull/13353" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Fonality Trixbox CE Post-Authentication Command Injection", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "AKA": "", "ASSIGNER": "cve@rapid7.com", "DATE_PUBLIC": "2020-04-28T14:27:00.000Z", "ID": "CVE-2020-7351", "STATE": "PUBLIC", "TITLE": "Fonality Trixbox CE Post-Authentication Command Injection" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Trixbox Community Edition", "version": { "version_data": [ { "platform": "", "version_affected": "\u003c=", "version_name": "2.8.0.4", "version_value": "2.8.0.4" }, { "platform": "", "version_affected": "!", "version_name": "1.0", "version_value": "1.0" }, { "platform": "", "version_affected": "!", "version_name": "1.1", "version_value": "1.1" } ] } } ] }, "vendor_name": "Fonality" } ] } }, "configuration": [], "credit": [ { "lang": "eng", "value": "This 
issue was discovered and reported by Anastasios Stasinopoulos." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the \"asterisk\" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected." } ] }, "exploit": [ { "lang": "en", "value": "An exploit is available at https://github.com/rapid7/metasploit-framework/pull/13353" } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-78 OS Command Injection" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/rapid7/metasploit-framework/pull/13353", "refsource": "MISC", "url": "https://github.com/rapid7/metasploit-framework/pull/13353" }, { "name": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html" } ] }, "solution": [], "source": { "advisory": "", "defect": [], "discovery": "EXTERNAL" }, "work_around": [] } } }, "cveMetadata": { "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7", "assignerShortName": "rapid7", "cveId": "CVE-2020-7351", "datePublished": 
"2020-05-01T15:50:13.910425Z", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2024-09-16T22:55:46.483Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }