NVD

Id
46137  
Name
CVE-2012-4869  
Description
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-09-06  
Modified Date
2012-09-07  
Seq
2012-4869  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
231494 46137 CVE-2012-4869 http://packetstormsecurity.org/files/111028/FreePBX-2.10.0-Remote-Command-Execution-XSS.html  View
231495 46137 CVE-2012-4869 20120320 FreePBX remote command execution, xss  View
231496 46137 CVE-2012-4869 18649  View
231497 46137 CVE-2012-4869 18659  View
231498 46137 CVE-2012-4869 http://www.freepbx.org/trac/ticket/5711  View
231499 46137 CVE-2012-4869 52630  View
231500 46137 CVE-2012-4869 freepbx-callmepage-command-exec(74174)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
28457 JVNDB-2012-004164 FreePBX の recordings/misc/callme_page.php における任意のコマンドを実行される脆弱性 FreePBX の recordings/misc/callme_page.php の callme_startcall 関数には、任意のコマンドを実行される脆弱性が存在します。 CVE-2012-4869 58107 CVE-2012-4869 46137 7.5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004164.html 2012-03-23 2012-09-11 View