PT-2006-3303 · Planet Concept · Planetstat

Alp_Eren

Publicado

2006-05-12

Atualizado

2018-10-18

CVE-2006-2338

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions PlaNet Concept plaNetStat version 20050127

Description The issue allows remote attackers to gain administrative privileges and view and configure log files by making a direct request to the "admin.php" or "settings.php" API endpoints.

Recommendations For version 20050127, consider restricting access to the "admin.php" and "settings.php" API endpoints to prevent unauthorized administrative access until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-2338

Produtos afetados

Planetstat

PT-2006-3303 · Planet Concept · Planetstat

CVE-2006-2338

Identificadores relacionados

Produtos afetados

Referências · 4