Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
3CX 路径遍历漏洞
Vulnerability Description
3CX是一款基于软件开放标准的IP PBX(一种基于IP的公司电话系统),可以提供完整的统一通信。 3CX 存在安全漏洞,该漏洞源于 /Electron/download 接口存在目录遍历漏洞,通过该漏洞可以读取某些文件。
CVSS Information
N/A
Vulnerability Type
N/A