CVE-2017-1000501

Опубликовано: 03 янв. 2018

Источник: debian

EPSS Низкий

Описание

Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
awstats	fixed	7.6+dfsg-2		package

Примечания

https://github.com/eldy/awstats/commit/cf219843a74c951bf5986f3a7fffa3dcf99c3899
https://github.com/eldy/awstats/commit/06c0ab29c1e5059d9e0279c6b64d573d619e1651

EPSS

Процентиль: 91%

0.06548

Низкий

Связанные уязвимости

CVE-2017-1000501

CVSS3: 9.8

ubuntu

около 8 лет назад

Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.

CVE-2017-1000501

CVSS3: 9.8

nvd

около 8 лет назад

Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.

GHSA-ph65-4f3r-7fv8

CVSS3: 9.8

github

больше 3 лет назад

Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.

EPSS

Процентиль: 91%

0.06548

Низкий