Voipmonitor: >> Voipmonitor >> 24.69 Security Vulnerabilities
The config restore function of Voipmonitor GUI before v24.96 does not properly check files sent as restore archives, allowing remote attackers to execute arbitrary commands via a crafted file in the web root.
CVSS Score
8.8
EPSS Score
0.039
Published
2022-02-04
An incorrect check in the component cdr.php of Voipmonitor GUI before v24.96 allows unauthenticated attackers to escalate privileges via a crafted request.
CVSS Score
9.8
EPSS Score
0.029
Published
2022-02-04
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level.
CVSS Score
9.8
EPSS Score
0.898
Published
2022-02-04