Описание
jiacrontab 1.4.5 allows remote attackers to execute arbitrary commands via the crontab/task/edit?addr=localhost%3a20001 command and args parameters, as demonstrated by command=cat&args=/etc/passwd in the POST data.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:jiacrontab_project:jiacrontab:1.4.5:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02624
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.2
github
больше 3 лет назад
jiacrontab 1.4.5 allows remote attackers to execute arbitrary commands via the crontab/task/edit?addr=localhost%3a20001 command and args parameters, as demonstrated by command=cat&args=/etc/passwd in the POST data.
EPSS
Процентиль: 85%
0.02624
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo