CVE-2018-10093
Published 2019-03-21
CVE-2018-10093: AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.
Priority P2 · 79 · high · 8.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploit available
EPSS: 68.68% (99.3rd percentile)
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| audiocodes | 420hd_ip_phone_firmware | — | — |
Detection & IOCs (extracted from sources)
yara
regex: admin:.*:*sh$
- Detect exploitation attempts by monitoring HTTP GET requests to /command.cgi with command injection payloads in the query string (e.g., URL-encoded shell commands such as cat%20/etc/passwd).
- A successful exploit response will contain a passwd-file entry matching the pattern 'admin:.*:*sh$' with HTTP status 200, indicating unauthenticated or authenticated RCE via the CGI endpoint.
- The vulnerable CGI endpoint is only accessible to authenticated users; monitor for brute-force or credential-stuffing attempts against the admin interface prior to /command.cgi access.
- Exploitation requires authentication as admin; the attack surface is limited to users who have obtained the admin configuration password.
- The vulnerability has only been confirmed on the 420HD model running firmware 2.2.12.126; other 400HD series models or firmware versions have not been tested.
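The three detection points above (GET requests to /command.cgi carrying shell content, a 200 response whose body matches 'admin:.*:*sh$', and prior authentication failures from the same client) can be turned into a small log-scanning script. The following is an added example written for this page, not code from the advisory, Exploit-DB or the Nuclei template. It assumes the phone's HTTP access log is in common log format, that the injected command travels in the /command.cgi query string (the `cmd` parameter name in the sample lines is an assumption; the page only names the endpoint and the payload), and that failed admin logins appear as HTTP 401 responses. The sample log and response body are constructed, not captured traffic.

```python
"""Detection helpers for CVE-2018-10093 exploitation attempts against an
AudioCodes 420HD web interface (added example; assumptions noted inline)."""
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Success indicator quoted on the page: a passwd-file line for the admin
# user ending in "sh" (e.g. /bin/sh), returned with HTTP 200.
PASSWD_ENTRY_RE = re.compile(r"admin:.*:*sh$", re.MULTILINE)

# Heuristic for command-injection content in a query string: shell
# metacharacters or a few command names. Constructed for this example.
SHELL_META_RE = re.compile(r"[;|&`$]|\b(cat|sh|wget|nc|telnetd)\b")

# Common log format: client ident user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def parse_log_line(line):
    """Return the fields of one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def is_command_cgi_injection(target):
    """True if the request targets /command.cgi and its query string, after
    URL-decoding twice (to catch double encoding), contains shell content."""
    parts = urlsplit(target)
    if not parts.path.endswith("/command.cgi"):
        return False
    decoded = unquote(unquote(parts.query))
    return SHELL_META_RE.search(decoded) is not None


def response_indicates_success(status, body):
    """True if a response matches the page's success indicator (200 + passwd entry)."""
    return status == 200 and PASSWD_ENTRY_RE.search(body) is not None


def scan_access_log(lines):
    """Return one alert per suspicious /command.cgi GET, annotated with the
    number of HTTP 401 responses the same client received earlier in the log
    (brute-force / credential-stuffing context before endpoint access)."""
    auth_failures = defaultdict(int)
    alerts = []
    for line in lines:
        rec = parse_log_line(line)
        if rec is None:
            continue
        if rec["status"] == 401:
            auth_failures[rec["src"]] += 1
            continue
        if rec["method"] == "GET" and is_command_cgi_injection(rec["target"]):
            alerts.append({
                "src": rec["src"],
                "ts": rec["ts"],
                "target": rec["target"],
                "status": rec["status"],
                "prior_auth_failures": auth_failures[rec["src"]],
            })
    return alerts


# Constructed sample log (not real traffic). The "cmd" parameter name is an
# assumption; the page only names the /command.cgi endpoint and the payload.
SAMPLE_LOG = """\
192.0.2.10 - admin [14/Jan/2019:10:02:11 +0000] "GET /command.cgi?cmd=cat%20/etc/passwd HTTP/1.1" 200 412
192.0.2.11 - admin [14/Jan/2019:10:03:05 +0000] "GET /command.cgi?cmd=reboot HTTP/1.1" 200 12
192.0.2.12 - - [14/Jan/2019:10:04:00 +0000] "GET /index.html HTTP/1.1" 200 1024
192.0.2.13 - - [14/Jan/2019:10:05:10 +0000] "GET /command.cgi HTTP/1.1" 401 0
192.0.2.13 - - [14/Jan/2019:10:05:12 +0000] "GET /command.cgi HTTP/1.1" 401 0
192.0.2.13 - admin [14/Jan/2019:10:05:30 +0000] "GET /command.cgi?cmd=%253Bid HTTP/1.1" 200 0
"""

# Constructed response body shaped like the page's success indicator.
SAMPLE_RESPONSE = "root:x:0:0:root:/root:/bin/sh\nadmin:x:1000:1000::/home/admin:/bin/sh\n"

if __name__ == "__main__":
    for alert in scan_access_log(SAMPLE_LOG.splitlines()):
        print(alert)
    print("response matches:", response_indicates_success(200, SAMPLE_RESPONSE))
```

Two points in the design: the query string is decoded twice so that a double-encoded separator such as `%253B` is still caught, and the 401 counter is kept per client so that an alert for a /command.cgi hit carries the brute-force context the third bullet asks for. The `reboot` line is deliberately not flagged: the heuristic only reacts to shell metacharacters and a short list of command names, so a deployment should tune `SHELL_META_RE` to what the phone's legitimate web interface actually sends.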
CVSS provenance
NVD v3.0: 8.8 HIGH · CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
NVD v2.0: 9.0 CRITICAL · AV:N/AC:L/Au:S/C:C/I:C/A:C
No detection rules found.
Exploit-DB
AudioCode 400HD - Command Injection
exploitdb · 2019-01-14 · CVSS 8.8
---
# [CVE-2018-10093] Remote command injection vulnerability in AudioCode IP phones
## Description
The AudioCodes 400HD series of IP phones consists of a range of
easy-to-use, feature-rich desktop devices for the service provider
hosted services, enterprise IP telephony and contact center markets.
The CGI scripts used on the 420HD phone (web interface) do not filter
user inputs correctly. Consequently, an authenticated attacker could
inject arbitrary commands (Remote Code Execution) and take full control
over the device. For example, it is possible to intercept live
communications.
## Vulnerability records
**CVE ID**: CVE-2018-10093
**Access Vector**: remote
**Security Risk**: medium
**Vulnerability**: CWE-78
**CVSS Base Score**: 7.2
**CVSS
Nuclei
AudioCodes 420HD - Remote Code Execution
nuclei · CVSS 8.8
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow remote code execution.
Template:

```yaml
id: CVE-2018-10093

info:
  name: AudioCodes 420HD - Remote Code Execution
  author: wisnupramoedya
  severity: high
  description: |
    AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow remote code execution.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the device, potentially leading to a complete compromise of the phone and unauthorized access to the VoIP network.
  remediation: |
    Apply the latest firmware update provided by AudioCodes to fix the vulnerability and ensure proper input validation.
  reference:
    - https://www.exploit-db.com/exploits/46164
    - https://nvd.n
```
No writeups or analysis indexed.
References
- http://packetstormsecurity.com/files/151116/AudioCode-400HD-Remote-Command-Injection.html
- http://seclists.org/fulldisclosure/2019/Jan/38
- https://www.exploit-db.com/exploits/46164/