Security Advisory

CVE-2019-10863

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-04-04 17:07:13

Last updated 2024-08-04 22:32:02

Assigner mitre

State PUBLISHED

Description

A command injection vulnerability exists in TeemIp versions before 2.4.0. The new_config parameter of exec.php allows one to create a new PHP file with the exception of config information. The malicious PHP code sent is executed instantaneously and is not saved on the server.

← Browse all CVEs View on cve.org ↗