CVE-2023-25355

HIGH

CoreDial sipXcom <= 21.04 - Privilege Escalation via Service File Overwrite

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-25355. PoCs published by glefait.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2023-25355 and CVE-2023-25356, which involve file exfiltration and arbitrary file write vulnerabilities in sipXcom. The exploit automates the process of sending malicious XMPP messages to trigger the vulnerabilities and can restart the sipXcom service to execute arbitrary code.

Description

CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`.

Exploits (1)

nomisec WORKING POC 1 stars
by glefait · poc
https://github.com/glefait/CVE-2023-25355-25356

This repository contains a functional exploit for CVE-2023-25355 and CVE-2023-25356, which involve file exfiltration and arbitrary file write vulnerabilities in sipXcom. The exploit automates the process of sending malicious XMPP messages to trigger the vulnerabilities and can restart the sipXcom service to execute arbitrary code.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: sipXcom
Auth required
Prerequisites: XMPP credentials · Accessible webserver for file exfiltration/infiltration · Superadmin credentials for service restart
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit, Mailing List, Third Party Advisory
https://seclists.org/fulldisclosure/2023/Mar/5

Scores

CVSS v3 8.8
EPSS 0.0250
EPSS Percentile 82.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-276
Status published
Products (1)
coredial/sipxcom < 21.04
Published Apr 04, 2023
Tracked Since Feb 18, 2026