CVE-2017-18923

CVE-2017-18923

EPSS 1.2%

beroNet VoIP Gateways before 3.0.16 have a PHP script that allows downloading arbitrary files, including ones with credentials.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://beronet.atlassian.net/wiki/spaces/PUB/pages/88768529/Security+Issues https://www.heise.de/security/meldung/Angriffe-auf-VoIP-Gateways-von-beroNet-Patch-sorgt-fuer-Sicherheit-3594737.html