|
|||
Rule General Information |
---|
Release Date: | 2017-08-23 | |
Rule Name: | WEB-OTHER VICIdial user_authorization Unauthenticated Command Execution | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | A vulnerability was found in VICIdial versions 2.9 RC 1 to 2.13 RC1 which allows unauthenticated users to execute arbitrary operating system commands as the web server user if password encryption is enabled. | |
Impact: | Remote command execution | |
Affected OS: | Other Unix | |
Reference: | msf |
|
Solutions |
---|
Update vendor's patch. |