Security Advisory

CVE-2017-14118

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-09-03 20:00:00

Last updated 2024-09-16 19:56:57

Assigner mitre

State PUBLISHED

Description

In the EyesOfNetwork web interface (aka eonweb) 5.1-0, moduletool_alltoolsinterface.php does not properly restrict exec calls, which allows remote attackers to execute arbitrary commands via shell metacharacters in the host_list parameter to module/tool_all/select_tool.php.

← Browse all CVEs View on cve.org ↗