CVE-2021-30461
Description
A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into config/configuration.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
- VoIPmonitor/VoIPmonitor
- Range: <24.61
Vulnerability mechanics
Root cause
"Improper filtering of user-supplied SPOOLDIR value allows PHP code injection into config/configuration.php."
Attack vector
An unauthenticated attacker sends a POST request to `index.php` with the `SPOOLDIR` and `recheck` parameters. The `SPOOLDIR` value is written "as is" into `config/configuration.php`, allowing PHP code injection. When the UI later includes that configuration file, the injected code executes, enabling remote command execution.
Affected code
The vulnerability resides in the `index.php` file of VoIPmonitor's web UI. User-supplied `SPOOLDIR` parameter values are injected directly into `config/configuration.php` without sanitization, which is later included by the UI. This affects VoIPmonitor version 24.60 and prior.
What the fix does
The vendor released GUI version 24.61 to fix the issue. The advisory does not include a patch diff, but the fix presumably adds proper sanitization or validation of the `SPOOLDIR` parameter before writing it to the configuration file, preventing PHP code injection.
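One way such a fix can look, as an added example that is not VoIPmonitor's code and not taken from the vendor's patch: validate `SPOOLDIR` against a path allowlist, then emit it with `var_export()` so the value can only ever be a PHP string literal. The function names, the allowlist and the `define()` layout of the generated file are assumptions made for illustration.

```php
<?php
// Added illustration; not VoIPmonitor source. Function names, the allowlist
// and the generated file layout are assumptions.

/** Accept only an absolute path made of conservative path characters. */
function validate_spooldir(string $value): string
{
    // Allowlist: leading slash, then letters, digits, '_', '-', '.', '/'.
    if (!preg_match('#\A/[A-Za-z0-9_./-]{1,255}\z#', $value)) {
        throw new InvalidArgumentException('SPOOLDIR is not an acceptable path');
    }
    // Reject traversal segments even though the characters are allowed.
    if (in_array('..', explode('/', $value), true)) {
        throw new InvalidArgumentException('SPOOLDIR must not contain ".."');
    }
    return $value;
}

/** Render the file; var_export() emits a correctly escaped string literal. */
function render_config(string $spooldir): string
{
    return "<?php\ndefine('SPOOLDIR', " . var_export($spooldir, true) . ");\n";
}

/** Validate, render, then replace the file in one rename. */
function write_config(string $path, string $rawSpooldir): void
{
    $body = render_config(validate_spooldir($rawSpooldir));
    $tmp = $path . '.tmp';
    if (file_put_contents($tmp, $body, LOCK_EX) === false || !rename($tmp, $path)) {
        throw new RuntimeException('could not write configuration');
    }
}

// Constructed inputs: an ordinary path, and one carrying quote/statement characters.
$target = sys_get_temp_dir() . '/configuration.example.php';
foreach (['/var/spool/voipmonitor', "/tmp/x'; echo 1; //"] as $candidate) {
    try {
        write_config($target, $candidate);
        echo "accepted: $candidate\n";
    } catch (InvalidArgumentException $e) {
        echo "rejected: " . $e->getMessage() . "\n";
    }
}
// Second layer: even unvalidated text stays inside the quoted literal.
echo render_config("a'b\\c");
```

The two layers are independent on purpose: the allowlist rejects anything that is not a plain path, and the escaping keeps the written value inert if the allowlist is ever loosened.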
Preconditions
- Network: Attacker must be able to send HTTP POST requests to the VoIPmonitor web UI
- Auth: No authentication is required
Generated on May 29, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- ssd-disclosure.com/ssd-advisory--voipmonitor-unauth-rce (mitre, x_refsource_MISC)