CVE-2008-6816

Name of the Vulnerable Software and Affected Versions: Eaton MGEOPS Network Shutdown Module versions prior to 3.10 Build 13

Description: The issue allows remote attackers to execute arbitrary code by adding a custom action to the MGE frontend via "pane actionbutton.php", and then executing this action via "exec action.php".

Recommendations: For versions prior to 3.10 Build 13, update to version 3.10 Build 13 or later to resolve the issue. As a temporary workaround, consider restricting access to "pane actionbutton.php" and "exec action.php" to minimize the risk of exploitation.