CNNVD-202512-2319 Information

CNNVD ID

CNNVD-202512-2319

Related CVE

CVE-2024-58314

• CNNVD Published: 2025-12-12

Description (Chinese)

ATCOM 100M是希腊ATCOM公司的一款IP电话。 ATCOM 100M 2.7.x.x版本存在操作系统命令注入漏洞，该漏洞源于web配置CGI脚本存在命令注入，可能导致执行任意系统命令。

Description (English)

ATCOM 100M is an IP call from ATCOM Greece. ATCOM 100M 2.7x.x has a loophole in the operating system command, which stems from the web-configured CGI script-based command injection, which may result in the performance of an arbitrary system command.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

ATCOM

Published

2025-12-12

Last Modified

2026-02-24

References

https://www.atcom.cn/html/yingwenban/Product/Fast_IP_phone/2017/1023/135.html https://www.exploit-db.com/exploits/51742 https://www.vulncheck.com/advisories/atcom-xx-authenticated-command-injection-via-web-configuration-cgi