CVE-2008-1331
published 2008-04-02CVE-2008-1331: cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote…
PriorityP260critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
8.78%
94.5th percentile
cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alcatel-lucent | omnipcx_office | >= 210 < 210\/091.001 | 210\/091.001 |
| alcatel-lucent | omnipcx_office | >= 610 < 610\/014.001 | 610\/014.001 |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests to /cgi-data/FastJSData.cgi for shell metacharacters (|, ;, `, $(), etc.) in the 'id2' parameter, indicating command injection attempts. ↗
- →Alert on requests to /cgi-data/FastJSData.cgi where the id2 parameter contains pipe characters or URL-encoded shell metacharacters (e.g., %7C, %3B). ↗
- →The vulnerability allows unauthenticated remote attackers to execute arbitrary commands with webserver permissions; any access to the vulnerable CGI endpoint from external/untrusted sources should be treated as suspicious. ↗
- ·Affected versions include OXO210 before 210/091.001, OXO600 before 610/014.001, and Alcatel OmniPCX Office since release 210/061.1; detections should be scoped to these product versions. ↗
- ·The vulnerability is only exploitable when Internet Access services are enabled on the OmniPCX Office appliance; restrict external access to the web interface as a mitigation. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/29798http://www.securityfocus.com/archive/1/492383/100/0/threadedhttp://www.securityfocus.com/bid/28758http://www.securitytracker.com/id?1020082http://www.vupen.com/english/advisories/2008/1057http://www1.alcatel-lucent.com/psirt/statements/2008001/OXOrexec.htmhttps://exchange.xforce.ibmcloud.com/vulnerabilities/41560https://www.exploit-db.com/exploits/5662http://secunia.com/advisories/29798http://www.securityfocus.com/archive/1/492383/100/0/threadedhttp://www.securityfocus.com/bid/28758http://www.securitytracker.com/id?1020082http://www.vupen.com/english/advisories/2008/1057http://www1.alcatel-lucent.com/psirt/statements/2008001/OXOrexec.htmhttps://exchange.xforce.ibmcloud.com/vulnerabilities/41560https://www.exploit-db.com/exploits/5662
2008-04-02
Published