CVE-2008-1331
published 2008-04-02

CVE-2008-1331: cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote…

Priority: P2 60 | critical | 10 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 8.78% (94.5th percentile)
cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter.

Affected

2 ranges
Vendor         | Product        | Version range        | Fixed in
alcatel-lucent | omnipcx_office | >= 210 < 210/091.001 | 210/091.001
alcatel-lucent | omnipcx_office | >= 610 < 610/014.001 | 610/014.001

Detection & IOCs

url: http://[server]/cgi-data/FastJSData.cgi?id1=sh2kerr&id2=91|cat%20/etc/passwd
path: /cgi-data/FastJSData.cgi
  • Monitor HTTP requests to /cgi-data/FastJSData.cgi for shell metacharacters (|, ;, `, $(), etc.) in the 'id2' parameter, indicating command injection attempts.
  • Alert on requests to /cgi-data/FastJSData.cgi where the id2 parameter contains pipe characters or URL-encoded shell metacharacters (e.g., %7C, %3B).
  • The vulnerability allows unauthenticated remote attackers to execute arbitrary commands with webserver permissions; any access to the vulnerable CGI endpoint from external/untrusted sources should be treated as suspicious.
  • Affected versions include OXO210 before 210/091.001, OXO600 before 610/014.001, and Alcatel OmniPCX Office since release 210/061.1; detections should be scoped to these product versions.
  • The vulnerability is only exploitable when Internet Access services are enabled on the OmniPCX Office appliance; restrict external access to the web interface as a mitigation.
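
An added example, not part of the original advisory or of any vendor tooling: one way to apply the two monitoring rules above to web server access logs, decoding id2 repeatedly so single- and double-encoded metacharacters are caught. The combined log format, the metacharacters beyond those listed above, and all function names are assumptions; the sample log lines are constructed.

```python
import re
from urllib.parse import unquote_plus

ENDPOINT = "/cgi-data/FastJSData.cgi"
# Metacharacters named in the guidance (| ; ` $()), plus & < > ${ and newlines (assumption).
SHELL_META = re.compile(r"[|;`&<>\r\n]|\$[({]")
# Request line of a combined-format access log entry (log format is an assumption).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%257C) is also unmasked."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_id2(log_line):
    """Return the decoded id2 value if it carries shell metacharacters, else None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    path, _, query = match.group(1).partition("?")
    if re.sub(r"/{2,}", "/", fully_decode(path)) != ENDPOINT:
        return None
    # Split on the raw '&' first, then decode, so an encoded %26 stays inside its value.
    for part in query.split("&"):
        name, _, value = part.partition("=")
        if fully_decode(name) == "id2" and SHELL_META.search(fully_decode(value)):
            return fully_decode(value)
    return None

def scan(lines):
    """Return (line_number, decoded_id2) for every suspicious log entry."""
    found = ((n, suspicious_id2(line)) for n, line in enumerate(lines, 1))
    return [(n, v) for n, v in found if v is not None]

# Constructed sample log (documentation IP range); the first target is the request quoted above.
_LINE = '192.0.2.10 - - [02/Apr/2008:10:00:01 +0000] "GET {} HTTP/1.1" 200 512'
SAMPLE_LOG = [_LINE.format(target) for target in (
    "/cgi-data/FastJSData.cgi?id1=sh2kerr&id2=91|cat%20/etc/passwd",
    "/cgi-data/FastJSData.cgi?id1=sh2kerr&id2=91%7Ccat%20/etc/passwd",
    "/cgi-data/FastJSData.cgi?id1=sh2kerr&id2=91%257Ccat%2520/etc/passwd",
    "/cgi-data/FastJSData.cgi?id1=abc&id2=91",   # benign value, not flagged
    "/cgi-data/other.cgi?id1=abc&id2=a%7Cb",     # different endpoint, not flagged
)]
```

Calling scan(SAMPLE_LOG) flags the first three entries and leaves the benign request and the unrelated endpoint alone.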