CVE-2021-45967 Scanner
Detects 'Path Traversal' vulnerability in Pascom Cloud Phone System affects v. before 7.20.x.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
1 month
Scan only one
Url
Toolbox
-
The Pascom Cloud Phone System is a popular phone application used by businesses and organizations for communication. It is designed to provide a comprehensive communication platform that enables users to make phone calls, send texts, and hold video and audio conferences. Pascom Cloud Phone System is widely used because it is easy to set up, user-friendly, and offers excellent voice clarity.
Recently, a vulnerability was discovered in the Pascom Cloud Phone System, which has been identified as CVE-2021-45967. The vulnerability is caused by a configuration error between NGINX and the backend Tomcat server. This misconfiguration leads to path traversal in the Tomcat server, exposing unintended endpoints. Hackers can exploit this vulnerability to gain access to confidential data within the system.
If this vulnerability is successfully exploited by hackers, they can gain unauthorized access to data and systems, and even launch various attacks such as remote code execution and denial-of-service attacks. Attackers can exploit this vulnerability to gain unrestricted access to the system, bypass security controls, and to do further attacks. The Pascom Cloud Phone System users, in particular, can suffer a security breach if this vulnerability is not fixed soon enough.
Finally, through the pro features of the s4e.io platform, it has become easy for users to stay ahead of security vulnerabilities in their digital assets. Users who read this article can now understand how to detect and protect against vulnerabilities in their systems. By taking the necessary precautions and staying informed, users can protect their digital assets and prevent unauthorized access. It is essential for businesses to invest in the security of their communication tools at all times.
REFERENCES