CVE-2007-6424

CVE-2007-6424 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS spoofing attack.

Learn more about our Web App Pen Testing.