exploitDog

GHSA-q6mf-v98h-w783

Опубликовано: 05 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.

Ссылки

EPSS

Процентиль: 96%

0.22337

Средний

7.2 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2023-44221

CVSS3: 7.2

nvd

около 2 лет назад

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.

BDU:2024-03429

CVSS3: 7.2

fstec

около 2 лет назад

Уязвимость реализации технологии SSL VPN микропрограммного обеспечения межсетевых экранов SONICWALL серии SMA 100, позволяющая нарушителю выполнить произвольную команду

EPSS

Процентиль: 96%

0.22337

Средний

7.2 High

CVSS3

CVE ID

Дефекты

CWE-78