Описание
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the Request parameter to ess.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:nitrosecurity:nitroview_esm_software:8.4.0a:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:nitrosecurity:nitroview_esm:ns-esm-5205-r:*:*:*:*:*:*:*
cpe:2.3:h:nitrosecurity:nitroview_esm:ns-esm-5510-r:*:*:*:*:*:*:*
cpe:2.3:h:nitrosecurity:nitroview_esm:ns-esm-5750-r:*:*:*:*:*:*:*
cpe:2.3:h:nitrosecurity:nitroview_esm:ns-esm-x5:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02536
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the Request parameter to ess.
EPSS
Процентиль: 85%
0.02536
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-20