RSS   Vulnerabilities for 'Network monitor'   RSS

2020-01-06
 
CVE-2016-11017

CWE-78
 

 
The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a failed login attempt returns the command-injection output to a limited login failure field). This is fixed in 16.6.

 


Copyright 2024, cxsecurity.com

 

Back to Top