mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
882 B
882 B
CVE-2007-6424
Description
registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS spoofing attack.
POC
Reference
- http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002528.html
- http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002533.html
Github
No PoCs found on GitHub currently.