CVE-2024-8504 Information

Sep 11, 2024 cve

Description

An attacker with authenticated access to VICIdial as an gent\ can execute arbitrary shell commands as the oot\ user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective.

Reference

https://korelogic.com/Resources/Advisories/KL-001-2024-012.txt https://www.vicidial.org/vicidial.php

Share on: