CVE-2018-5782

ShoreTel / Mitel Connect ONSITE 19.49.5200.0 - Remote Code Execution

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vsethost.php page. Successful exploit could allow an attacker to execute arbitrary PHP code within the context of the application.

Una vulnerabilidad en el componente conferencing de Mitel Connect ONSITE, en versiones R1711-PREM y anteriores y Mitel ST 14.2, release GA28 y anteriores, podría permitir que un atacante no autenticado inyecte código PHP empleando peticiones especialmente manipuladas en la página vsethost.php. Su explotación con éxito podría permitir que un atacante ejecute código PHP arbitrario en el contexto de la aplicación.

ShoreTel / Mitel Connect ONSITE ST14.2 suffers from a remote code execution vulnerability.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-01-18 CVE Reserved
2018-03-14 CVE Published
2023-12-28 EPSS Updated
2024-08-05 CVE Updated
2024-08-05 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-94: Improper Control of Generation of Code ('Code Injection')

CAPEC

References (3)

URL	Tag	Source
https://github.com/twosevenzero/shoretel-mitel-rce	Product

URL	Date	SRC
https://www.exploit-db.com/exploits/46174	2024-08-05

URL	Date	SRC

URL	Date	SRC
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-18-0004	2019-04-26

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Mitel Search vendor "Mitel"		Connect Onsite Search vendor "Mitel" for product "Connect Onsite"				<= r1711-prem Search vendor "Mitel" for product "Connect Onsite" and version " <= r1711-prem"		-		Affected
Mitel Search vendor "Mitel"		St14.2 Search vendor "Mitel" for product "St14.2"				<= ga28 Search vendor "Mitel" for product "St14.2" and version " <= ga28"		-		Affected