Every CVE whose affected-product data names Nch Axon Pbx, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-37441 — CVSS 8.8 (high): NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. substring.
CVE-2018-11551 — CVSS 7.8 (high): AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a…
CVE-2021-37440 — CVSS 6.5 (medium): NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. substring.
CVE-2018-11552 — CVSS 6.1 (medium): There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field. The vulnerability exists due to…