PT-2015-1275 · Infoblox · Infoblox Netmri

Published: 2015-02-20 · Updated: 2016-11-30 · CVE-2015-2033

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Infoblox Network Automation NetMRI versions prior to NETMRI-23483

Description: The issue is a flaw in the authentication procedure of the Anyterm Daemon in the NetMRI network monitoring program. This flaw allows remote attackers to execute arbitrary commands with root privileges via crafted terminal/anyterm-module requests. Exploitation of this issue may enable a remote attacker to execute arbitrary code using specially formed requests.

Recommendations: For versions prior to NETMRI-23483, update to a version that includes the fix for this issue, specifically NETMRI-23483 or later. As a temporary workaround, consider restricting access to the Anyterm Daemon to minimize the risk of exploitation. Avoid using the Anyterm Daemon until the issue is resolved.

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

BDU:2015-10305
CVE-2015-2033

Affected Products

Infoblox Netmri