| Summary | An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell commands as the "root" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. |
|---|---|
| Publication Date | Sept. 11, 2024, 5:15 a.m. |
| Registration Date | Sept. 11, 2024, noon |
| Last Update | Sept. 12, 2024, 11:35 p.m. |