CVE-2022-28005
An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server, leading to cleartext credential disclosure. Afterwards, the authenticated attacker is able to upload a file that overwrites a 3CX service binary, leading to Remote Code Execution as NT AUTHORITYSYSTEM on Windows installations. Versions prior to version 18, Hotfix 1 Build 18.0.3.461 March 2022, are prone to an additional unauthenticated file system access to C:WindowsSystem32.
Date published : 2022-05-06
https://www.3cx.com/blog/change-log/phone-system-change-log/