CVE-2023-25355 Information

Description

CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the daemon user on a sipXcom server can overwrite a service file and escalate their privileges to root.

Reference

https://seclists.org/fulldisclosure/2023/Mar/5