CVE-2024-7461

CVSS 2.0 Score 6.8 of 10 (medium)

Details

Published Aug 5, 2024

CWE ID 89

Summary

CVE-2024-7461 is a critical vulnerability affecting ForIP Tecnologia's Administração PABX 1.x. The issue lies in an unknown functionality of the file /authMonitCallcenter within the monitcallcenter component. An attacker can manipulate the user argument to execute SQL injection attacks, which may be launched remotely. Though the vulnerability has been disclosed to the public, the vendor has yet to respond or provide a patch. VDB-273554 is the assigned identifier for this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ForIP Tecnologia Administração PABX

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xd4-Nb
https://www.cve.org/CVERecord?id=CVE-2024-7461
https://nvd.nist.gov/vuln/detail/CVE-2024-7461

Back to Vulnerability Database

CVE-2024-7461

CVSS 2.0 Score 6.8 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations