Security Advisory

CVE-2023-25356

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-04 00:00:00

Last updated 2025-02-13 15:49:16

Assigner mitre

State PUBLISHED

Description

CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leveraged to gain remote command execution.

← Browse all CVEs View on cve.org ↗