CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 2CVE-2018-19911
https://notcve.org/view.php?id=CVE-2018-19911
FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system (or api/bg_system or txtapi/bg_system) query string on TCP port 8080, as demonstrated by an api/system?calc URI. This can also be exploited via CSRF. Alternatively, the default password of works for the freeswitch account can sometimes be used. FreeSWITCH hasta la versión 1.8.2, cuando mod_xml_rpc está habilitado, permite que atacantes remotos ejecuten comandos arbitrarios mediante las cadenas de consulta api/system o txtapi/system (o api/bg_system o txtapi/bg_system) en el puerto TCP 8080, tal y como queda demostrado por un URI api/system? • https://github.com/iSafeBlue/freeswitch_rce/blob/master/README-en.md https://github.com/iSafeBlue/freeswitch_rce/blob/master/freeswitch_rce.py • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 1CVE-2015-7392
https://notcve.org/view.php?id=CVE-2015-7392
Heap-based buffer overflow in the parse_string function in libs/esl/src/esl_json.c in FreeSWITCH before 1.4.23 and 1.6.x before 1.6.2 allows remote attackers to execute arbitrary code via a trailing \u in a json string to cJSON_Parse. Desbordamiento de buffer basado en memoria dinámica en la función parse_string en libs/esl/src/esl_json.c en FreeSWITCH en versiones anteriores a 1.4.23 y 1.6.x en versiones anteriores a 1.6.2 permite a atacantes remotos ejecutar código arbitrario a través de un \u final en una cadena json a cJSON_Parse. • http://packetstormsecurity.com/files/133781/freeswitch-Heap-Overflow.html http://www.securityfocus.com/archive/1/536569/100/0/threaded https://freeswitch.org/stash/projects/FS/repos/freeswitch/commits/cf8925 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 1CVE-2013-2238
https://notcve.org/view.php?id=CVE-2013-2238
Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the index and substituted variables. Múltiples desbordamientos de búfer en la función switch_perform_substitution en switch_regex.c en FreeSWITCH v1.2 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de vectores relacionados con las variables index y substituted. • http://jira.freeswitch.org/browse/FS-5566 http://www.openwall.com/lists/oss-security/2013/07/04/4 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •