
CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter. • https://medium.com/stolabs/security-issues-on-3cx-web-service-d9dc7f1bea79 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters. • https://medium.com/stolabs/security-issues-on-3cx-web-service-d9dc7f1bea79 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 1

The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname. • https://medium.com/stolabs/security-issues-on-3cx-web-service-d9dc7f1bea79 • CWE-209: Generation of Error Message Containing Sensitive Information

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

On 3CX 15.5.6354.2 devices, the parameter "file" in the request "/api/RecordingList/download?file=" allows full access to files on the server via path traversal. • http://www.rootlabs.com.br/path-traversal-in-3cx • https://medium.com/stolabs/path-traversal-in-3cx-7421a8ffdb7a • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

In the 3CX Phone System 15.5.3554.1, the Management Console typically listens on port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to access sensitive information to aid in subsequent attacks. • https://www.exploit-db.com/exploits/42991 • http://seclists.org/fulldisclosure/2017/Oct/37 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')