exploitDog

GHSA-c8qq-cj3p-f8v9

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "name" POST parameter.

OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "name" POST parameter.

Ссылки

EPSS

Процентиль: 94%

0.1198

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2018-12307

CVSS3: 8.8

nvd

около 7 лет назад

OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "name" POST parameter.

EPSS

Процентиль: 94%

0.1198

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78