If you are using Mida eFramework on your web applications, it is better to check your websites for unauthenticated remote code execution vulnerability that emerged in PDC/ajaxreq.php page.
Mida eFramework is a complete suite of video and voice applications, compatible with almost all major UC platforms. The suite includes attendant console, recorder, fax server, billing, queue manager, automated attendant, mobile apps, phone services.
In May 2020, researchers discovered a critical vulnerability at Mida eFramework on PDC/ajaxreq.php. All versions below 2.9.0 are affected by this vulnerability. The vulnerability allows an attacker a Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.
You can check Mida eFramework (CVE-2020-15920) Unauthenticated Remote Code Execution vulnerability with our free and online Mida eFramework Rce Vulnerability Scanner (CVE-2020-15920). tool To do this, you can start by typing your domain name or IP address in the form on top of the page and start scanning.
Or you can find an exploit code written in python programming language on exploit-db.com to check the vulnerability.
To eliminate this vulnerability, you need to update Mida eFramework to the newest version. Also, you can use ACL (Access Control List) to allow or deny access to the software from untrusted networks.