Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leveraged to gain remote command execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CoreDial sipXcom sipXopenfire 参数注入漏洞
Vulnerability Description
CoreDial sipXcom sipXopenfire是美国CoreDial公司的一个电信应用程序。 CoreDial sipXcom sipXopenfire 21.04及之前版本存在参数注入漏洞,该漏洞源于存在操作系统命令参数注入,攻击者利用该漏洞可以以系统root用户身份执行命令。
CVSS Information
N/A
Vulnerability Type
N/A