Name of the Vulnerable Software and Affected Versions Kaspersky Anti-Virus 8.0 for Linux File Servers

Description The issue is related to a potential command injection vulnerability in the web console of the antivirus software. This could allow a remote attacker to access a file on the server by sending a specially crafted GET request that specifies the path to the file in the URL.

Recommendations For Kaspersky Anti-Virus 8.0 for Linux File Servers, consider restricting access to the web console until a fix is available. As a temporary workaround, limit the ability to send GET requests with file paths in the URL to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.