CVE-2014-9001

MEDIUM(6.5)

AV:N/AC:L/Au:S/C:P/I:P/A:P

Risk Signal Score17/100 — NIEDRIG

CVSS 6.5 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

6.5

Technische Schwere

Beschreibung

reminders/index.php in Incredible PBX 11 2.0.6.5.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) APPTMIN, (2) APPTHR, (3) APPTDA, (4) APPTMO, (5) APPTYR, or (6) APPTPHONE parameters.

Referenzen

http://seclists.org/fulldisclosure/2014/Oct/101
http://seclists.org/fulldisclosure/2014/Oct/101