Описание
Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) transcriptFile parameter to MRcgi/MRchat.pl or (2) LOADFILE parameter to MRcgi/MRABLoad2.pl. NOTE: some of these details are obtained from third party information.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:numarasoftware:footprints:7.5a:*:*:*:*:*:*:*
cpe:2.3:a:numarasoftware:footprints:7.5a1:*:*:*:*:*:*:*
cpe:2.3:a:numarasoftware:footprints:8.0:*:*:*:*:*:*:*
cpe:2.3:a:numarasoftware:footprints:8.0a:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.04061
Низкий
10 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) transcriptFile parameter to MRcgi/MRchat.pl or (2) LOADFILE parameter to MRcgi/MRABLoad2.pl. NOTE: some of these details are obtained from third party information.
EPSS
Процентиль: 88%
0.04061
Низкий
10 Critical
CVSS2
Дефекты
CWE-78