Sign-up

ID

VAR-201904-0704


CVE

CVE-2018-16216


TITLE

AudioCodes 405HD VoIP phone Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015338

DESCRIPTION

A command injection (missing input validation, escaping) in the monitoring or memory status web interface in AudioCodes 405HD (firmware 2.2.12) VoIP phone allows an authenticated remote attacker in the same network as the device to trigger OS commands (like starting telnetd or opening a reverse shell) via a POST request to the web server. In combination with another attack (unauthenticated password change), the attacker can circumvent the authentication requirement. AudioCodes 405HD VoIP phone Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. AudioCodes 405HD VoIP Phone is an IP phone product of Israel AudioCodes company. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands

Trust: 1.71

sources: NVD: CVE-2018-16216 // JVNDB: JVNDB-2018-015338 // VULHUB: VHN-126553

AFFECTED PRODUCTS

vendor:audiocodesmodel:405hdscope:eqversion:2.2.12

Trust: 1.8

sources: JVNDB: JVNDB-2018-015338 // NVD: CVE-2018-16216

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-16216
value: HIGH

Trust: 1.0

NVD: CVE-2018-16216
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201904-1189
value: HIGH

Trust: 0.6

VULHUB: VHN-126553
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-16216
severity: HIGH
baseScore: 7.7
vectorString: AV:A/AC:L/AU:S/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 5.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-126553
severity: HIGH
baseScore: 7.7
vectorString: AV:A/AC:L/AU:S/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 5.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-16216
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.1
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-126553 // JVNDB: JVNDB-2018-015338 // CNNVD: CNNVD-201904-1189 // NVD: CVE-2018-16216

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.1

problemtype:CWE-77

Trust: 0.9

sources: VULHUB: VHN-126553 // JVNDB: JVNDB-2018-015338 // NVD: CVE-2018-16216

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201904-1189

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201904-1189

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015338

PATCH
title:405HD IP Phoneurl:https://www.audiocodes.com/solutions-products/products/ip-phones/405hd-ip-phone
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-015338

EXTERNAL IDS
db:NVDid:CVE-2018-16216
Trust: 2.5
db:JVNDBid:JVNDB-2018-015338
Trust: 0.8
db:CNNVDid:CNNVD-201904-1189
Trust: 0.7
db:VULHUBid:VHN-126553
Trust: 0.1
sources:
            
            
            VULHUB: VHN-126553 // 
            
            
            
            JVNDB: JVNDB-2018-015338 // 
            
            
            
            CNNVD: CNNVD-201904-1189 // 
            
            
            
            NVD: CVE-2018-16216

REFERENCES
url:https://www.sit.fraunhofer.de/fileadmin/dokumente/cve/advisory_audiocodes_405hd.pdf
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2018-16216
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16216
Trust: 0.8
sources:
            
            
            VULHUB: VHN-126553 // 
            
            
            
            JVNDB: JVNDB-2018-015338 // 
            
            
            
            CNNVD: CNNVD-201904-1189 // 
            
            
            
            NVD: CVE-2018-16216

SOURCES
db:VULHUBid:VHN-126553
db:JVNDBid:JVNDB-2018-015338
db:CNNVDid:CNNVD-201904-1189
db:NVDid:CVE-2018-16216

LAST UPDATE DATE
2024-11-23T21:37:28.532000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-126553date:2019-10-03T00:00:00
db:JVNDBid:JVNDB-2018-015338date:2019-05-28T00:00:00
db:CNNVDid:CNNVD-201904-1189date:2020-05-22T00:00:00
db:NVDid:CVE-2018-16216date:2024-11-21T03:52:17.880

SOURCES RELEASE DATE
db:VULHUBid:VHN-126553date:2019-04-25T00:00:00
db:JVNDBid:JVNDB-2018-015338date:2019-05-28T00:00:00
db:CNNVDid:CNNVD-201904-1189date:2019-04-25T00:00:00
db:NVDid:CVE-2018-16216date:2019-04-25T20:29:01.787