CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-3010

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score30.5500%
EPSS Percentile93.27th
Published2007年9月18日
Last Modified2026年4月21日

Vulnerability Description

masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.

Affected Platforms (CPE)

📦
Al Enterprise

Omnipcx Enterprise Communication Server

<= 7.1

References & Advisories

🔗 http://marc.info/?l=full-disclosure&m=119002152126755&w=2
🔗 http://osvdb.org/40521
🔗 http://secunia.com/advisories/26853
🔗 http://www.redteam-pentesting.de/advisories/rt-sa-2007-001.php
🔗 http://www.securityfocus.com/archive/1/479699/100/0/threaded
🔗 http://www.securityfocus.com/bid/25694
🔗 http://www.vupen.com/english/advisories/2007/3185
🔗 http://www1.alcatel-lucent.com/psirt/statements/2007002/OXEUMT.htm

相關漏洞威脅

CVE-2007-53618.5

The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an I...

CVE-2011-03445.8

Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded we...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...