1 results (0.001 seconds)
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2019-17096 – Bitdefender BOX 2 bootstrap get_image_size command injection vulnerability
https://notcve.org/view.php?id=CVE-2019-17096
27 Jan 2020 — A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command. Una vulnerabilidad de Inyección de Comandos de Sistema Operativo en la etapa de arranque de Bitdefender BOX 2, permite la manipulación de la función "get_image_url()" en circunstancias especiales para inyectar un comando de sistema. • https://www.bitdefender.com/support/security-advisories/bitdefender-box-2-bootstrap-get_image_size-command-injection-vulnerability • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •