Описание
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call.
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-5073
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95319
- http://disse.cting.org/2014/07/30/vmturbo-operation-manager-remote-command-execution
- http://packetstormsecurity.com/files/127864/VMTurbo-Operations-Manager-4.6-vmtadmin.cgi-Remote-Command-Execution.html
- http://secunia.com/advisories/58880
- http://secunia.com/secunia_research/2014-8
- http://www.exploit-db.com/exploits/34335
- http://www.osvdb.org/109572
- http://www.securityfocus.com/bid/69225
EPSS
Процентиль: 99%
0.88269
Высокий
CVE ID
Связанные уязвимости
nvd
больше 11 лет назад
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call.
EPSS
Процентиль: 99%
0.88269
Высокий