CVE-2019-25024

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
10
HIGH
Affected
2
PROJECTS

Description

OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter.

OpenRepeater/openrepeater
OpenRepeater/openrepeater
This is where web application files live for the OpenRepeater Project. The OpenRepeater web application is a front end interface to the svxlink core system and builds the appropriate configuration files needed for operation.
GitHubGitHub
61
codexlynx/CVE-2019-25024
codexlynx/CVE-2019-25024
Full exploit code for CVE-2019-25024 an unauthenticated command injection flaw in OpenRepeater.
GitHubGitHub