CVE-2017-15359
3CX Phone System 15.5.3554.1 - Directory Traversal
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to access sensitive information to aid in subsequent attacks.
En 3CX Phone System 15.5.3554.1, la consola de gestión suele escuchar al puerto 5001 y es propenso a un ataque de salto de directorio: "/api/RecordingList/DownloadRecord?file=" y "/api/SupportInfo?file=" son los parámetros vulnerables. Un atacante debe estar autenticado para explotar este problema y acceder a información sensible que pueda resultar de ayuda en futuros ataques.
3CX Phone System version 15.5.3554.1 suffers from an authentication directory traversal vulnerability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-10-15 CVE Reserved
- 2017-10-16 CVE Published
- 2023-03-11 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosure/2017/Oct/37 | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/42991 | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| 3cx Search vendor "3cx" | 3cx Search vendor "3cx" for product "3cx" | 15.5.3554.1 Search vendor "3cx" for product "3cx" and version "15.5.3554.1" | - |
Affected
| ||||||