CVE-2018-11551

AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a…

mitre·CWE-426·Published 2018-06-01

CVSS

—

EPSS

0.03

KEV

Exploits

cve.orgen

237 chars

AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists because a DLL file is loaded by 'pbxsetup.exe' improperly.

NVDen

237 chars

NVDes

249 chars

AXON PBX 2.02 contiene una vulnerabilidad de secuestro de DLL que podría permitir que un atacante remoto no autenticado ejecute código en un sistema objetivo. La vulnerabilidad existe debido a que 'pbxsetup.exe' carga un archivo DLL incorrectamente.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	9.3	8.6	10.0	AV:N/AC:M/Au:N/C:C/I:C/A:C
3.0	Primary	NVD	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H