CVE-2015-5082

Publication date

2015-09-28 15:00:00

Family

mitre

State

PUBLISHED

Description

Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.