Vulnerabilities > Netfortris > Trixbox > High

DATE CVE VULNERABILITY TITLE RISK
2020-05-01 CVE-2020-7351 OS Command Injection vulnerability in Netfortris Trixbox 1.2.0/2.8.0.4
An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user.
network
low complexity
netfortris CWE-78
8.8
8.8
2018-02-16 CVE-2017-14535 OS Command Injection vulnerability in Netfortris Trixbox 2.8.0.4
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php.
network
low complexity
netfortris CWE-78
8.8
8.8