CVE-2006-3524
SIPfoundry sipXtapi <20060324 - RCE
Title source: llmDescription
Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows remote attackers to execute arbitrary code via a long CSeq field value in an INVITE message.
Exploits (7)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16352
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16351
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16353
exploitdb
WORKING POC
VERIFIED
by Michael Thumann · perldoshardware
https://www.exploit-db.com/exploits/2000
metasploit
WORKING POC
GREAT
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/sip/aim_triton_cseq.rb
metasploit
WORKING POC
GREAT
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/sip/sipxezphone_cseq.rb
metasploit
WORKING POC
GREAT
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/sip/sipxphone_cseq.rb
References (10)
Scores
EPSS
0.8424
EPSS Percentile
99.3%
Details
Status
published
Products (1)
sipfoundry/sipxtapi
Published
Jul 12, 2006
Tracked Since
Feb 18, 2026