Vulnerabilities > Netfortris

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-01	CVE-2020-7351	OS Command Injection vulnerability in Netfortris Trixbox 1.2.0/2.8.0.4 An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. network low complexity netfortris CWE-78 critical	9.0
2018-02-16	CVE-2017-14537	Path Traversal vulnerability in Netfortris Trixbox 2.8.0.4 trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php. network low complexity netfortris CWE-22	4.0
2018-02-16	CVE-2017-14536	Cross-site Scripting vulnerability in Netfortris Trixbox 2.8.0.4 trixbox 2.8.0.4 has XSS via the PATH_INFO to /maint/index.php or /user/includes/language/langChooser.php. network netfortris CWE-79	3.5
2018-02-16	CVE-2017-14535	OS Command Injection vulnerability in Netfortris Trixbox 2.8.0.4 trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php. network low complexity netfortris CWE-78 critical	9.0
2014-07-28	CVE-2014-5112	Code Injection vulnerability in Netfortris Trixbox maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacters in the lang parameter. network low complexity netfortris CWE-94	7.5
2014-07-28	CVE-2014-5111	Path Traversal vulnerability in Netfortris Trixbox Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. network low complexity netfortris CWE-22	5.0

Vulnerabilities > Netfortris {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Netfortris"}]}

Vulnerabilities > Netfortris