exploitDog

GHSA-pm9h-gwq2-f4p2

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.

An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.

Ссылки

EPSS

Процентиль: 88%

0.03698

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2019-11364

CVSS3: 7.2

nvd

больше 6 лет назад

An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.

EPSS

Процентиль: 88%

0.03698

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-78