PT-2006-7199 · Hyperaccess · Hyperaccess
Brett Moore · Published 2006-12-15 · Updated 2024-02-13 · CVE-2006-6597
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
HyperAccess version 8.4
Description
The issue allows user-assisted remote attackers to execute arbitrary VBScript and commands. This is achieved via the /r option in a telnet:// URI, where the telnet:// URI scheme is configured to use hawin32.exe.
Recommendations
For HyperAccess version 8.4, consider disabling the use of the /r option in telnet:// URIs to minimize the risk of exploitation until a patch is available. Restrict access to hawin32.exe to prevent unauthorized execution of commands.
Exploit
Fix
Argument Injection
Weakness Enumeration
Related Identifiers
Affected Products
Hyperaccess