CVE-2006-6597

Опубликовано: 15 дек. 2006

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via the /r option in a telnet:// URI, which is configured to use hawin32.exe.

Ссылки

http://secunia.com/advisories/23366
Broken Link
Vendor Advisory
http://securityreason.com/securityalert/2045
Third Party Advisory
http://www.securityfocus.com/archive/1/454388/100/0/threaded
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/21594
Broken Link
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2006/5013
Broken Link
http://secunia.com/advisories/23366
Broken Link
Vendor Advisory
http://securityreason.com/securityalert/2045
Third Party Advisory
http://www.securityfocus.com/archive/1/454388/100/0/threaded
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/21594
Broken Link
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2006/5013
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hilgraeve:hyperaccess:8.4:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03928

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-88

Связанные уязвимости

GHSA-pxf7-7jp8-6443

github

почти 4 года назад