Skip to main content

Axon Pbx

14 CVEs product

Monthly

CVE-2021-37441 HIGH POC This Week

NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Axon Pbx
NVD GitHub
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-37440 MEDIUM POC This Month

NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Axon Pbx
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-37462 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /ipblacklist?errorip= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37461 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37460 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37459 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37458 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37457 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37456 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37455 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37454 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37453 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2018-11552 MEDIUM POC THREAT This Month

There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD
CVSS 3.0
6.1
EPSS
28.6%
CVE-2018-11551 HIGH This Week

AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Axon Pbx
NVD
CVSS 3.0
7.8
EPSS
2.5%
EPSS 1% CVSS 8.8
HIGH POC This Week

NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Axon Pbx
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Axon Pbx
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /ipblacklist?errorip= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD GitHub
EPSS 29% CVSS 6.1
MEDIUM POC THREAT This Month

There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Axon Pbx
NVD
EPSS 2% CVSS 7.8
HIGH This Week

AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Axon Pbx
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy