PT-2005-3218 · Wps · Wps Web Portal System

Blahplok

Published

2005-07-17

Updated

2016-10-18

CVE-2005-2290

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: WPS Web Portal System version 0.7.0

Description: The issue allows remote attackers to execute arbitrary commands. This is achieved by injecting shell metacharacters into the art and cat variables.

Recommendations: For WPS Web Portal System version 0.7.0, consider restricting access to the wps shop.cgi script until a patch is available, and avoid using the art and cat variables in a way that could allow shell metacharacter injection.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2290

Affected Products

Wps Web Portal System

PT-2005-3218 · Wps · Wps Web Portal System

CVE-2005-2290

Related Identifiers

Affected Products

References · 5