1 results (0.004 seconds)
CVSS: 10.0EPSS: 84%CPEs: 1EXPL: 5
CVSS: 10.0EPSS: 84%CPEs: 1EXPL: 5CVE-2015-5082 – Endian Firewall < 3.0.0 - OS Command Injection
https://notcve.org/view.php?id=CVE-2015-5082
07 Sep 2015 — Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi. Vulnerabilidad en Endian Firewall en versiones anteriores a 3.0, permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres en la shell en el parámetro (1) NEW_PASSWORD_1 o (2) NEW_PASSWORD_2 en cgi-bin/chpasswd.cgi. • https://packetstorm.news/files/id/133469 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •