CVE-2013-1751

Опубликовано: 07 нояб. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters.

Ссылки

http://www.securitytracker.com/id/1028149
Third Party Advisory
VDB Entry
https://security-tracker.debian.org/tracker/CVE-2013-1751
Third Party Advisory
https://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2013-1751
Mitigation
Patch
Vendor Advisory
http://www.securitytracker.com/id/1028149
Third Party Advisory
VDB Entry
https://security-tracker.debian.org/tracker/CVE-2013-1751
Third Party Advisory
https://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2013-1751
Mitigation
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:twiki:twiki:*:*:*:*:*:*:*:*

Версия до 5.1.4 (исключая)

EPSS

Процентиль: 89%

0.04692

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2013-1751

CVSS3: 9.8

debian

около 6 лет назад

TWiki before 5.1.4 allows remote attackers to execute arbitrary shell ...

GHSA-5mj5-5f99-mv3g

github

почти 4 года назад