Security Advisory

CVE-2021-26752

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-02-12 20:35:40

Last updated 2024-08-03 20:33:40

Assigner mitre

State PUBLISHED

Description

NeDi 1.9C allows an authenticated user to execute operating system commands in the Nodes Traffic function on the endpoint /Nodes-Traffic.php via the md or ag HTTP GET parameter. This allows an attacker to obtain access to the operating system where NeDi is installed and to all application data.

← Browse all CVEs View on cve.org ↗