Описание
Format string vulnerability in the Net Inspector HTTP server (mghttpd) in MG-SOFT Net Inspector 6.5.0.828 and earlier for Windows allows remote attackers to execute arbitrary code via format string specifiers in the URI, which is recorded in a log file.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до windows (включая)
cpe:2.3:a:mg-soft:net_inspector:*:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.13342
Средний
4.3 Medium
CVSS2
Дефекты
CWE-134
Связанные уязвимости
github
почти 4 года назад
Format string vulnerability in the Net Inspector HTTP server (mghttpd) in MG-SOFT Net Inspector 6.5.0.828 and earlier for Windows allows remote attackers to execute arbitrary code via format string specifiers in the URI, which is recorded in a log file.
EPSS
Процентиль: 94%
0.13342
Средний
4.3 Medium
CVSS2
Дефекты
CWE-134