PT-2006-2905 · Php · Php Net Tools

Fox_Mulder

Published

2006-04-20

Updated

2017-10-19

CVE-2006-1921

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions PHP Net Tools version 2.7.1

Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter of nettools.php.

Recommendations For PHP Net Tools version 2.7.1, consider restricting access to the nettools.php file to minimize the risk of exploitation until a patch is available. Avoid using the host parameter in nettools.php with untrusted input.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1921

Affected Products

Php Net Tools

PT-2006-2905 · Php · Php Net Tools

CVE-2006-1921

Related Identifiers

Affected Products

References · 7