PT-2024-27870 · Phoniebox · Phoniebox
Lukigruszka
·
Published
2024-07-10
·
Updated
2024-07-12
·
CVE-2024-3798
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Phoniebox versions prior to 3.0
Description
The issue is related to insecure handling of the
file parameter in GET header requests sent to an instance of the open-source project Phoniebox. This allows an attacker to create a website that, when visited by a user, will send malicious requests to multiple hosts on the local network. If such a request reaches the server, it can cause shell command execution, reflected XSS, or cross-site request forgery.Recommendations
For Phoniebox versions prior to 3.0, update to version 3.0 or higher to resolve the issue.
As a temporary workaround, consider restricting access to the vulnerable
file parameter in GET requests until a patch is available.Fix
OS Command Injection
XSS
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phoniebox