CVE-2007-6424: CVE-2007-6424

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-6424

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS spoofing attack.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Netfortris Fonality Trixbox 权限许可和访问控制问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Netfortris Fonality Trixbox是美国Netfortris公司的一套商业电话软件。 Netfortris Fonality Trixbox 存在权限许可和访问控制问题漏洞，当进入一个特定环境时，Fonality Trixbox 2.0 PBX产品中的registry.pl从没有充足命令源的远程网点读取并执行一系列命令。远程攻击者可以借助一个DNS进行欺骗性攻击使trixbox失效并执行任意指令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-6424

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-6424

Please Login to view more intelligence information

http://www.trixbox.org/forums/trixbox-forums/open-discussion/trixbox-phones-homex_refsource_MISC
http://www.superunknown.org/pivot/entry.php?id=15x_refsource_MISC
http://voipsa.org/blog/2007/12/17/trixbox-contains-phone-home-code-to-retrieve-arbitrary-commands-to-execute/x_refsource_MISC
http://osvdb.org/44136vdb-entryx_refsource_OSVDB
http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002533.htmlmailing-listx_refsource_MLIST
http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002528.htmlmailing-listx_refsource_MLIST
http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002522.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2007-6424

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2007-6424

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2007-6424

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-6424

III. Intelligence Information for CVE-2007-6424

New Vulnerabilities

V. Comments for CVE-2007-6424

Leave a comment