Filtered by vendor 3cx
Subscribe
Total
33 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49954 | 1 3cx | 1 3cx | 2025-04-23 | N/A | 9.8 CRITICAL |
| The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address. | |||||
| CVE-2017-2187 | 1 3cx | 1 Live Chat | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in WP Live Chat Support prior to version 7.0.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2017-15359 | 1 3cx | 1 3cx | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to access sensitive information to aid in subsequent attacks. | |||||
| CVE-2008-6895 | 1 3cx | 1 Phone System | 2025-04-09 | 7.8 HIGH | N/A |
| 3CX Phone System 6.0.806.0 allows remote attackers to cause a denial of service (unstable service or crash) via unspecified vectors, as demonstrated by vulnerability scans from Nessus or SAINT. | |||||
| CVE-2008-6896 | 1 3cx | 1 Phone System | 2025-04-09 | 5.0 MEDIUM | N/A |
| login.php in 3CX Phone System 6.0.806.0, when 100% disk capacity is reached, allows remote attackers to gain sensitive information via unspecified vectors that reveal the installation path. | |||||
| CVE-2008-6894 | 1 3cx | 1 Phone System | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in login.php in 3CX Phone System Free Edition 6.1793 and 6.0.806.0 allow remote attackers to inject arbitrary web script or HTML via the (1) fName and (2) fPassword parameters. | |||||
| CVE-2022-48483 | 1 3cx | 1 3cx | 2025-01-30 | N/A | 7.5 HIGH |
| 3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive letter and uses backslash characters. NOTE: this issue exists because of an incomplete fix for CVE-2022-28005. | |||||
| CVE-2022-48482 | 2 3cx, Microsoft | 2 3cx, Windows | 2025-01-30 | N/A | 7.5 HIGH |
| 3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs. | |||||
| CVE-2023-29059 | 1 3cx | 1 3cx | 2024-11-21 | N/A | 7.8 HIGH |
| 3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX DesktopApp Electron macOS application. | |||||
| CVE-2022-28005 | 1 3cx | 1 3cx | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server (via /Electron/download directory traversal in conjunction with a path component that uses backslash characters), leading to cleartext credential disclosure. Afterwards, the authenticated attacker is able to upload a file that overwrites a 3CX service binary, leading to Remote Code Execution as NT AUTHORITY\SYSTEM on Windows installations. NOTE: this issue exists because of an incomplete fix for CVE-2022-48482. | |||||
| CVE-2022-27438 | 29 3cx, Boom, Caphyon and 26 more | 99 Call Flow Designer, Crm Template Generator, Boomtv Streamer Portal and 96 more | 2024-11-21 | 5.1 MEDIUM | 8.1 HIGH |
| Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check. | |||||
| CVE-2021-45491 | 1 3cx | 1 3cx | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| 3CX System through 2022-03-17 stores cleartext passwords in a database. | |||||
| CVE-2021-45490 | 1 3cx | 1 3cx | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for Android through 2022-03-17 lack SSL certificate validation. | |||||
| CVE-2019-9972 | 2 3cx, Debian | 3 Phone System, Phone System Firmware, Debian Linux | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of "<space><space> followed by <shift><enter>" mishandling. | |||||
| CVE-2019-9971 | 2 3cx, Debian | 3 Phone System, Phone System Firmware, Debian Linux | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka postrotate-command) option to tcpdump can be unsafe when used in conjunction with sudo. | |||||
| CVE-2019-9913 | 1 3cx | 1 Live Chat | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-live-chat-support plugin before 8.0.18 for WordPress has wp-admin/admin.php?page=wplivechat-menu-gdpr-page term XSS. | |||||
| CVE-2019-14950 | 1 3cx | 1 Live Chat | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page. | |||||
| CVE-2019-14935 | 2 3cx, Microsoft | 2 3cx, Windows | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| 3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link. | |||||
| CVE-2019-13176 | 1 3cx | 1 3cx | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the 3CX Phone system (web) management console 12.5.44178.1002 through 12.5 SP2. The Content.MainForm.wgx component is affected by XXE via a crafted XML document in POST data. There is potential to use this for SSRF (reading local files, outbound HTTP, and outbound DNS). | |||||
| CVE-2019-12498 | 1 3cx | 1 Live Chat | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism. | |||||