Описание
Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary code.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:flexense:vx_search:10.1.12:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 94%
0.12375
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary code.
EPSS
Процентиль: 94%
0.12375
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-119