CVE-2017-15359

Published: 18/10/2017 Updated: 13/11/2017
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 405
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

In the 3CX Phone System 15.5.3554.1, the Management Console typically listens on port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue, which gives access to sensitive information that can aid in subsequent attacks.
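For defenders reviewing logs, the following added example (not part of the original entry or of 3CX's code) scans access-log lines for requests to the two endpoints above whose `file` parameter contains a `..` path segment, including percent-encoded, double-encoded and backslash forms. It assumes the Management Console's requests are recorded in combined log format, for instance by a reverse proxy; the sample lines and file names are constructed.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Endpoints named in the CVE-2017-15359 summary, compared case-insensitively.
ENDPOINTS = {"/api/recordinglist/downloadrecord", "/api/supportinfo"}
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def normalise(value, rounds=3):
    """Undo nested percent-encoding and treat backslashes as separators."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def scan(lines):
    """Return (line number, endpoint, decoded value) for each traversal attempt."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if url.path.rstrip("/").lower() not in ENDPOINTS:
            continue
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            path = normalise(value)
            # A ".." path segment is the traversal marker; dots inside a name are not.
            if name.lower() == "file" and ".." in path.split("/"):
                hits.append((number, url.path, path))
    return hits

# Constructed sample lines (combined log format, documentation addresses).
SAMPLE_LOG = [
    '198.51.100.7 - admin [18/Oct/2017:10:01:02 +0000] "GET /api/RecordingList/DownloadRecord?file=rec_1001.wav HTTP/1.1" 200 48213',
    '198.51.100.9 - admin [18/Oct/2017:10:02:10 +0000] "GET /api/SupportInfo?file=..%2F..%2Fplaceholder.txt HTTP/1.1" 200 512',
    '198.51.100.9 - admin [18/Oct/2017:10:02:31 +0000] "GET /api/RecordingList/DownloadRecord?file=%252e%252e%255cplaceholder.txt HTTP/1.1" 200 512',
    '198.51.100.7 - admin [18/Oct/2017:10:03:00 +0000] "GET /api/Other?file=../placeholder.txt HTTP/1.1" 404 0',
    '198.51.100.7 - admin [18/Oct/2017:10:04:00 +0000] "GET /api/SupportInfo?file=backup..2017.zip HTTP/1.1" 200 9001',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print("possible traversal: line %d, %s, file=%r" % hit)
```

Because exploitation requires authentication, each hit should be correlated with the account that made the request.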

Vulnerable Product

3cx 3cx 15.5.3554.1

Exploits

Title:
======
3CX Phone System - Authenticated Directory Traversal

Author:
=======
Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co KG

CVE-ID:
=======
CVE-2017-15359

Risk Information:
=================
CVSS Base Score: 6.8
CVSS Vector: CVSS3#AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Timeline:
=========
2017-08-08 Vulnerability discovered ...

3CX Phone System version 15.5.3554.1 suffers from an authenticated directory traversal vulnerability ...