TROYANOSYVIRUS
Voltar para CVEs

CVE-2007-3010

CRITICALCISA KEV
9.8

Descricao

masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.

Detalhes CVE

Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado9/18/2007
Ultima modificacao10/22/2025
Fontekev
Avistamentos honeypot0

CISA KEV

FornecedorAlcatel
ProdutoOmniPCX Enterprise
Nome da vulnerabilidadeAlcatel OmniPCX Enterprise Remote Code Execution Vulnerability
Data inclusao KEV2022-04-15
Prazo de remediacao2022-05-06
Uso em ransomwareUnknown

Produtos afetados

al-enterprise:omnipcx_enterprise_communication_server

Fraquezas (CWE)

CWE-77

Referencias

http://marc.info/?l=full-disclosure&m=119002152126755&w=2(cve@mitre.org)
http://osvdb.org/40521(cve@mitre.org)
http://secunia.com/advisories/26853(cve@mitre.org)
http://www.redteam-pentesting.de/advisories/rt-sa-2007-001.php(cve@mitre.org)
http://www.securityfocus.com/archive/1/479699/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/25694(cve@mitre.org)
http://www.vupen.com/english/advisories/2007/3185(cve@mitre.org)
http://www1.alcatel-lucent.com/psirt/statements/2007002/OXEUMT.htm(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36632(cve@mitre.org)
http://marc.info/?l=full-disclosure&m=119002152126755&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/40521(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26853(af854a3a-2127-422b-91ae-364da2661108)
http://www.redteam-pentesting.de/advisories/rt-sa-2007-001.php(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/479699/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/25694(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/3185(af854a3a-2127-422b-91ae-364da2661108)
http://www1.alcatel-lucent.com/psirt/statements/2007002/OXEUMT.htm(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36632(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2007-3010(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.