PT-2023-26027 · Esds · Esds Emagic Data Center Management Suit

Chinamay Joshi

Publicado

2023-08-08

Atualizado

2024-04-12

CVE-2023-37569

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ESDS Emagic Data Center Management Suit (affected versions not specified)

Description The issue is caused by a lack of input sanitization in the Ping component of the ESDS Emagic Data Center Management Suit. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system, potentially allowing the execution of arbitrary code on the targeted system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2023-37569

Produtos afetados

Esds Emagic Data Center Management Suit

PT-2023-26027 · Esds · Esds Emagic Data Center Management Suit

CVE-2023-37569

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8