exploitDog

GHSA-mp6f-fc3x-9pwq

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "secret_key" URL parameter.

OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "secret_key" URL parameter.

Ссылки

EPSS

Процентиль: 94%

0.1198

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2018-12312

CVSS3: 8.8

nvd

около 7 лет назад

OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "secret_key" URL parameter.

EPSS

Процентиль: 94%

0.1198

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78