Security Advisory

CVE-2020-10789

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-25 14:00:49

Last updated 2024-08-04 11:14:15

Assigner mitre

State PUBLISHED

Description

openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell metacharacters that are mishandled on an su command line in app/Lib/SudoMessageInterface.php.

← Browse all CVEs View on cve.org ↗