Unrated severityNVD Advisory· Published Apr 2, 2008· Updated Apr 23, 2026

CVE-2008-1331

Description

cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter.

Affected products

Alcatel Lucent/Omnipcx Office
cpe:2.3:a:alcatel-lucent:omnipcx_office:*:*:*:*:*:*:*:*
Range: >=210,<210\/091.001

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/29798nvdThird Party Advisory
www.securityfocus.com/archive/1/492383/100/0/threadednvdThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/28758nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
www1.alcatel-lucent.com/psirt/statements/2008001/OXOrexec.htmnvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/41560nvdThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/5662nvdThird Party AdvisoryVDB Entry
www.vupen.com/english/advisories/2008/1057nvdPermissions Required

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.047
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000