Dustin Cobb

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business SPA500 Series IP Phones versions 7.6.2SR5 and prior **Description** The issue is related to insufficient input validation in the device configuration interface, which could allow an attacker to execute arbitrary commands on the device with elevated security context. This can be achieved by accessing the configuration interface and then using the device's physical interface to insert a USB storage device. **Recommendations** For versions 7.6.2SR5 and prior, update the firmware to a version that addresses this issue. As a temporary workaround, consider restricting access to the device configuration interface and physical interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** FusionPBX version 4.4.3 **Description** The issue is related to excessive debug information in the Operator Panel module, specifically in the app/operator panel/index inc.php file. This allows authenticated administrative attackers to obtain credentials and other sensitive information. **Recommendations** For FusionPBX version 4.4.3, consider disabling the debug information in the Operator Panel module as a temporary workaround until a patch is available. Restrict access to the Operator Panel module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** FusionPBX version 4.4.3 **Description** The issue allows remote unauthenticated attackers to inject arbitrary JavaScript characters by placing a phone call using a specially crafted caller ID number, potentially leading to remote code execution when combined with a command injection vulnerability. **Recommendations** For FusionPBX version 4.4.3, as a temporary workaround, consider restricting access to the Operator Panel module until a patch is available. Avoid using specially crafted caller ID numbers in the `caller ID number` variable to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** FusionPBX version 4.4.3 **Description** The issue arises from a command injection vulnerability in the Operator Panel module due to insufficient input validation. This allows authenticated non-administrative attackers to execute commands on the host, potentially leading to remote code execution when combined with an existing XSS vulnerability in the same module. **Recommendations** For FusionPBX version 4.4.3, consider disabling the exec.php file in the Operator Panel module as a temporary workaround until a patch is available. Restrict access to the Operator Panel module to minimize the risk of exploitation. Avoid using the Operator Panel module until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FusionPBX version 4.4.3 **Description** The issue arises from a command injection vulnerability in the Backup Module of FusionPBX due to inadequate input validation. This allows authenticated administrative attackers to execute commands on the host. **Recommendations** For FusionPBX version 4.4.3, update to a version that includes input validation for the Backup Module to prevent command injection attacks.

**Name of the Vulnerable Software and Affected Versions** BlogEngine.NET versions through 3.3.6.0 **Description** A path traversal and Local File Inclusion issue in PostList.ascx.cs allows unauthenticated users to load a PostView.ascx component from potentially untrusted locations on the local filesystem. This can lead to remote code execution if an authenticated user uploads a PostView.ascx file using the file manager utility. **Recommendations** For BlogEngine.NET versions through 3.3.6.0, restrict access to the file manager utility to prevent authenticated users from uploading potentially malicious PostView.ascx files. As a temporary workaround, consider disabling the PostList.ascx.cs component until a patch is available.