CVE-2008-1331
OmniPCX Office - RCE
Title source: llmDescription
cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter.
Exploits (1)
References (8)
Scores
EPSS
0.5850
EPSS Percentile
98.2%
Classification
CWE
CWE-20
Status
draft
Affected Products (1)
alcatel-lucent/omnipcx_office
< 210\/091.001
Timeline
Published
Apr 02, 2008
Tracked Since
Feb 18, 2026