CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-6244

HIGH
7.5
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile41.52th
Published2006年12月4日
Last Modified2026年4月23日

Vulnerability Description

Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number).

Affected Platforms (CPE)

📦
Coalescent Systems

Freepbx

<= 2.1.3

References & Advisories

🔗 http://secunia.com/advisories/23124
🔗 http://sourceforge.net/project/shownotes.php?group_id=121515&release_id=467129
🔗 http://www.freepbx.org/trac/changeset/2076
🔗 http://www.securityfocus.com/bid/21359
🔗 http://www.vupen.com/english/advisories/2006/3019
🔗 http://secunia.com/advisories/23124
🔗 http://sourceforge.net/project/shownotes.php?group_id=121515&release_id=467129
🔗 http://www.freepbx.org/trac/changeset/2076

関連する脆弱性情報

CVE-2014-723510.0

htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, an...

CVE-2020-106669.8

The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execu...

CVE-2019-190069.8

Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control.

CVE-2021-454619.8

FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attacke...