CVE-2013-4468

CVE Database · CVE-2013-4468

CVE-2013-4468

· N/AModified

CVSS v3.1

N/A

EPSS

31.76%

Published

May 14, 2014

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBVICIdial Manager - Send OS Command Injection (Metasploit)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in the extension parameter in an OriginateVDRelogin action to manager_send.php.

Affected Products (3)

vicidial · vicidialvulnerable

References (8)

http://www.exploit-db.com/exploits/29513

Exploit

http://www.openwall.com/lists/oss-security/2013/10/23/10

Exploit

http://www.openwall.com/lists/oss-security/2013/10/25/1

Exploit

https://adamcaudill.com/2013/10/23/vicidial-multiple-vulnerabilities/

Exploit

http://www.exploit-db.com/exploits/29513

Exploit

http://www.openwall.com/lists/oss-security/2013/10/23/10

Exploit

http://www.openwall.com/lists/oss-security/2013/10/25/1

Exploit

KEV Catalog EPSS Scores Vendors All CVEs