An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices. A specially crafted HTTP POST can cause privilege escalation resulting in a higher privileged account, including an undocumented developer level of access.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nec sv8100_firmware |
||
nec sv9100_firmware |
||
nec sl1100_firmware |
||
nec sl2100_firmware |