CVE-2024-0986

MEDIUM NUCLEI

Issabel PBX 4.0.0 - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-0986. PoCs published by gunzf0x. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2024-0986, an authenticated RCE vulnerability in Issabel PBX 4.0.0. The exploit abuses the 'xmldoc' and 'dump' commands to upload malicious files, then leverages 'restore.php' to execute arbitrary commands.

Description

A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asterisk_cli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252251. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (1)

nomisec WORKING POC 2 stars

by gunzf0x · poc

https://github.com/gunzf0x/Issabel-PBX-4.0.0-RCE-Authenticated

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2024-0986, an authenticated RCE vulnerability in Issabel PBX 4.0.0. The exploit abuses the 'xmldoc' and 'dump' commands to upload malicious files, then leverages 'restore.php' to execute arbitrary commands.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Issabel PBX 4.0.0

Auth required

Prerequisites: Valid credentials for Issabel PBX · Network access to the target

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

Issabel Authenticated - Remote Code Execution

MEDIUMby eunji

FOFA: title="issabel"

References (4)

Core 4

Core References

Permissions Required, Third Party Advisory, VDB Entry vdb-entry technical-description

https://vuldb.com/?id.252251

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.252251

Exploit exploit

https://drive.google.com/file/d/10BYLQ7Rk4oag96afLZouSvDDPvsO7SoJ/view?usp=drive_link

Third Party Advisory

https://www.vicarius.io/vsociety/posts/issabel-authenticated-remote-code-execution-cve-2024-0986

Scores

CVSS v3 4.7

EPSS 0.5842

EPSS Percentile 99.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-78

Status published

Products (1)

issabel/pbx 4.0.0

Published Jan 29, 2024

Tracked Since Feb 18, 2026