3cx

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-27362 13cx 13cx Aug 13, 2025 May 3, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. An attacker must first obtain the ability to execu...Show more 3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-20026.Show less
CVE-2023-49954 13cx 13cx Apr 23, 2025 Dec 25, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address.
CVE-2022-48483 13cx 13cx Jan 30, 2025 May 2, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive...Show more 3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive letter and uses backslash characters. NOTE: this issue exists because of an incomplete fix for CVE-2022-28005.Show less
CVE-2022-48482 13cx 13cx Jan 30, 2025 May 2, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call...Show more 3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs.Show less
CVE-2023-29059 13cx 13cx May 5, 2025 Mar 30, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7,...Show more 3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX DesktopApp Electron macOS application.Show less
CVE-2019-9972 23cx Debian 2Debian Linux Phone System Firmware Nov 21, 2024 Jun 7, 2022 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of "<space><space> followed by <shi...Show more PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of "<space><space> followed by <shift><enter>" mishandling.Show less
CVE-2019-9971 23cx Debian 2Debian Linux Phone System Firmware Nov 21, 2024 Jun 7, 2022 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka post...Show more PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka postrotate-command) option to tcpdump can be unsafe when used in conjunction with sudo.Show less
CVE-2022-27438 293cx BoomCaphyon+26 more 70Advanced Installer Angry Birds SpaceArchive Password Recovery+67 more Nov 21, 2024 Jun 6, 2022 N/A· v4 8.1 HIGH· v3 5.1 MEDIUM· v2 Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in...Show more Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.Show less
CVE-2022-28005 13cx 13cx Nov 21, 2024 May 6, 2022 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server (via /Electron/dow...Show more An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server (via /Electron/download directory traversal in conjunction with a path component that uses backslash characters), leading to cleartext credential disclosure. Afterwards, the authenticated attacker is able to upload a file that overwrites a 3CX service binary, leading to Remote Code Execution as NT AUTHORITY\SYSTEM on Windows installations. NOTE: this issue exists because of an incomplete fix for CVE-2022-48482.Show less
CVE-2021-45491 13cx 13cx Nov 21, 2024 Mar 28, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 3CX System through 2022-03-17 stores cleartext passwords in a database.
CVE-2021-45490 13cx 13cx Nov 21, 2024 Mar 28, 2022 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for Android through 2022-03-17 lack SSL certificate validation.
CVE-2019-12498 13cx 1Live Chat Nov 21, 2024 Mar 20, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism.
CVE-2014-10386 13cx 1Live Chat Nov 21, 2024 Aug 22, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The wp-live-chat-support plugin before 4.1.0 for WordPress has JavaScript injections.
CVE-2017-18507 13cx 1Live Chat Nov 21, 2024 Aug 13, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The wp-live-chat-support plugin before 7.1.05 for WordPress has XSS.
CVE-2019-14950 13cx 1Live Chat Nov 21, 2024 Aug 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page.
CVE-2017-18508 13cx 1Live Chat Nov 21, 2024 Aug 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS.
CVE-2016-10879 13cx 1Live Chat Nov 21, 2024 Aug 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS.
CVE-2019-14935 13cx 13cx Nov 21, 2024 Aug 12, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a St...Show more 3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link.Show less
CVE-2019-13176 13cx 13cx Nov 21, 2024 Aug 8, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the 3CX Phone system (web) management console 12.5.44178.1002 through 12.5 SP2. The Content.MainForm.wgx component is affected by XXE via a crafted XML document in POST data. There is potential...Show more An issue was discovered in the 3CX Phone system (web) management console 12.5.44178.1002 through 12.5 SP2. The Content.MainForm.wgx component is affected by XXE via a crafted XML document in POST data. There is potential to use this for SSRF (reading local files, outbound HTTP, and outbound DNS).Show less
CVE-2019-11185 13cx 1Live Chat Nov 21, 2024 Jun 3, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The WP Live Chat Support Pro plugin through 8.0.26 for WordPress contains an arbitrary file upload vulnerability. This results from an incomplete patch for CVE-2018-12426. Arbitrary file upload is achieved by using a non...Show more The WP Live Chat Support Pro plugin through 8.0.26 for WordPress contains an arbitrary file upload vulnerability. This results from an incomplete patch for CVE-2018-12426. Arbitrary file upload is achieved by using a non-blacklisted executable file extension in conjunction with a whitelisted file extension, and prepending "magic bytes" to the payload to pass MIME checks. Specifically, an unauthenticated remote user submits a crafted file upload POST request to the REST api remote_upload endpoint. The file contains data that will fool the plugin's MIME check into classifying it as an image (which is a whitelisted file extension) and finally a trailing .phtml file extension.Show less

12 Next