CVE-2010-3039
Cisco Unified Communications Manager <8 - Command Injection
Title source: llmDescription
/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Knud Erik Hjgaard · textlocalhardware
https://www.exploit-db.com/exploits/34954
References (8)
Core 8
Core References
Vendor Advisory x_refsource_confirm
http://tools.cisco.com/security/center/viewAlert.x?alertId=21656
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/44672
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514668/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1024694
Exploit x_refsource_misc
http://www.nsense.fi/advisories/nsense_2010_003.txt
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42129
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2010/Nov/40
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2915
Scores
EPSS
0.0262
EPSS Percentile
85.8%
Details
CWE
CWE-78
Status
published
Products (43)
cisco/unified_communications_manager
6.0
cisco/unified_communications_manager
6.1\(1\)
cisco/unified_communications_manager
6.1\(1a\)
cisco/unified_communications_manager
6.1\(1b\)
cisco/unified_communications_manager
6.1\(2\)
cisco/unified_communications_manager
6.1\(2\)su1
cisco/unified_communications_manager
6.1\(2\)su1a
cisco/unified_communications_manager
6.1\(3\)
cisco/unified_communications_manager
6.1\(3a\)
cisco/unified_communications_manager
6.1\(3b\)
... and 33 more
Published
Nov 09, 2010
Tracked Since
Feb 18, 2026