Vulnerabilities > 3CX > 3CX > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-02 | CVE-2022-48482 | Path Traversal vulnerability in 3CX 3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. | 7.5 |
2023-05-02 | CVE-2022-48483 | Path Traversal vulnerability in 3CX 3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive letter and uses backslash characters. | 7.5 |