PT-2005-3218 · Wps · Wps Web Portal System

Blahplok

Publicado

2005-07-17

Atualizado

2016-10-18

CVE-2005-2290

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: WPS Web Portal System version 0.7.0

Description: The issue allows remote attackers to execute arbitrary commands. This is achieved by injecting shell metacharacters into the art and cat variables.

Recommendations: For WPS Web Portal System version 0.7.0, consider restricting access to the wps shop.cgi script until a patch is available, and avoid using the art and cat variables in a way that could allow shell metacharacter injection.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2290

Produtos afetados

Wps Web Portal System

PT-2005-3218 · Wps · Wps Web Portal System

CVE-2005-2290

Identificadores relacionados

Produtos afetados

Referências · 5