registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote malicious users to disable trixbox and execute arbitrary commands via a DNS spoofing attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netfortris trixbox 2.0 |