VYPR
Unrated severityNVD Advisory· Published May 14, 2014· Updated Jun 16, 2026

CVE-2013-4468

CVE-2013-4468

Description

VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in the extension parameter in an OriginateVDRelogin action to manager_send.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Vicidial/Vicidial4 versions
    cpe:2.3:a:vicidial:vicidial:2.7:-:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:vicidial:vicidial:2.7:-:*:*:*:*:*:*
    • cpe:2.3:a:vicidial:vicidial:2.7:rc1:*:*:*:*:*:*
    • cpe:2.3:a:vicidial:vicidial:*:403a:*:*:*:*:*:*range: <=2.8
    • (no CPE)range: <=2.8-403a

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.