exploitDog

CVE-2009-4646

Опубликовано: 19 фев. 2010

Источник: nvd

CVSS2: 9

EPSS Низкий

Описание

Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string.

Ссылки

http://secunia.com/advisories/38538
Vendor Advisory
http://www.portcullis-security.com/339.php
Exploit
http://secunia.com/advisories/38538
Vendor Advisory
http://www.portcullis-security.com/339.php
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:accellion:secure_file_transfer_appliance:*:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00598

Низкий

9 Critical

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-m43c-33mw-5x3w

github

почти 4 года назад

Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string.

EPSS

Процентиль: 69%

0.00598

Низкий

9 Critical

CVSS2

Дефекты

CWE-94