Описание
The (1) Traceroute and (2) Ping implementations in tools.php in SpamTitan WebTitan before 3.60 allow remote authenticated users to execute arbitrary commands via shell metacharacters in an argument, as demonstrated by an && (ampersand ampersand) sequence.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 3.50 (включая)
cpe:2.3:a:spamtitan:webtitan:*:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01272
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
The (1) Traceroute and (2) Ping implementations in tools.php in SpamTitan WebTitan before 3.60 allow remote authenticated users to execute arbitrary commands via shell metacharacters in an argument, as demonstrated by an && (ampersand ampersand) sequence.
EPSS
Процентиль: 79%
0.01272
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-94