Security Advisory

CVE-2020-13167

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-05-19 19:29:41

Last updated 2024-08-04 12:11:19

Assigner mitre

State PUBLISHED

Description

Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain Referer headers) launches a command line with client-supplied parameters, and allows injection of shell metacharacters.

← Browse all CVEs View on cve.org ↗