TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2007-3010

CRITICALCISA KEV
9.8

Beschreibung

masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.

CVE Details

CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht9/18/2007
Zuletzt geandert10/22/2025
Quellekev
Honeypot-Sichtungen0

CISA KEV

HerstellerAlcatel
ProduktOmniPCX Enterprise
SchwachstellennameAlcatel OmniPCX Enterprise Remote Code Execution Vulnerability
KEV Aufnahmedatum2022-04-15
Behebungsfrist2022-05-06
Ransomware-NutzungUnknown

Betroffene Produkte

al-enterprise:omnipcx_enterprise_communication_server

Schwachen (CWE)

CWE-77

Referenzen

http://marc.info/?l=full-disclosure&m=119002152126755&w=2(cve@mitre.org)
http://osvdb.org/40521(cve@mitre.org)
http://secunia.com/advisories/26853(cve@mitre.org)
http://www.redteam-pentesting.de/advisories/rt-sa-2007-001.php(cve@mitre.org)
http://www.securityfocus.com/archive/1/479699/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/25694(cve@mitre.org)
http://www.vupen.com/english/advisories/2007/3185(cve@mitre.org)
http://www1.alcatel-lucent.com/psirt/statements/2007002/OXEUMT.htm(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36632(cve@mitre.org)
http://marc.info/?l=full-disclosure&m=119002152126755&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/40521(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26853(af854a3a-2127-422b-91ae-364da2661108)
http://www.redteam-pentesting.de/advisories/rt-sa-2007-001.php(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/479699/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/25694(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/3185(af854a3a-2127-422b-91ae-364da2661108)
http://www1.alcatel-lucent.com/psirt/statements/2007002/OXEUMT.htm(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36632(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2007-3010(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.