Full title: VICIdial 2.14-917a Remote Code Execution Vulnerability 
Category: web applications
Platform: php
An attacker with authenticated access to VICIdial version 2.14-917a as an agent can execute arbitrary shell commands as the root user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective.

# 0day.today @ http://0day.today/