PT-2020-9788 · Netsas · Netsas Enigma Nms

Published: 2020-03-19 · Updated: 2020-03-24 · CVE-2019-16072

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

NETSAS Enigma NMS versions 65.0.0 and prior

Description

An OS command injection issue in the discover and manage CGI script allows an attacker to execute arbitrary code due to improper neutralization of shell metacharacters in the IP address variable within an SNMP browser action.

Recommendations

For versions 65.0.0 and prior, consider restricting access to the discover and manage CGI script until a patch is available. As a temporary workaround, avoid using the IP address variable in the SNMP browser action to minimize the risk of exploitation.

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2019-16072

Affected Products

Netsas Enigma Nms