CVE-2013-5758 in SIP-T38G
Сводка (Английский)
cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote authenticated users to execute arbitrary commands by calling the system method in the body of a request, as demonstrated by running unauthorized services, changing directory permissions, and modifying files.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Резервировать
18.09.2013
Раскрытие
03.08.2014
Статус
Подтверждённый
Записи
VulDB provides additional information and datapoints for this CVE:
| ИД | Уязвимость | CWE | Экс | Кон | CVE |
|---|---|---|---|---|---|
| 70535 | Yealink SIP-T38G эскалация привилегий | 78 | Доказательство концепции | Не определено | CVE-2013-5758 |