CVE-2007-3572
Published: 2007-07-05
Priority P353, critical, 9.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 8.38% (94.3th percentile)
Incomplete blacklist vulnerability in cgi-bin/runDiagnostics.cgi in the web interface on the Yoggie Pico and Pico Pro allows remote attackers to execute arbitrary commands via shell metacharacters in the param parameter, as demonstrated by URL encoded "`" (backtick) characters (%60 sequences).
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
This weakness can lead to a vulnerability in environments in which the attacker does not have direct access to the operating system, such as in web applications. Alternately, if the weakness occurs in a privileged program, it could allow the attacker to specify commands that normally would not be accessible, or to call alternate commands with privileges that the attacker does not have. The problem is exacerbated if the compro
CWE-184: Incomplete List of Disallowed Inputs
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
Modes of Introduction:
Phase: Implementation
Note: Developers often try to protect their products against malicious input by checking against lists of known bad inputs, such as special characters that can invoke new commands. However, such lists often only address the most well-known bad inputs. As a quick fix, developers might rely on these lists instead of addressing the root cause of the issue. See [REF-141].
Phase: Architecture and Design
Note: The design might rely solely on detection of m
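The gap between a denylist and an allowlist for this kind of parameter, as an added example (not the device's code and not from the advisory). It assumes `param` carries a host to run a diagnostic against; the function names and the denylist contents are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote

# Constructed denylist: covers the best-known shell metacharacters
# but omits the backtick, which is the CWE-184 pattern described above.
DENYLIST = set(";|&$><")

# Allowlist: dot-separated hostname labels, 253 characters at most.
HOSTNAME_RE = re.compile(
    r"(?=.{1,253}\Z)[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*\Z"
)

def denylist_accepts(raw_param):
    """Weak check: accept anything that contains no listed character."""
    value = unquote(raw_param)  # %60 becomes a backtick before the check
    return not any(ch in DENYLIST for ch in value)

def allowlist_accepts(raw_param):
    """Strong check: accept only an IP literal or a well-formed hostname."""
    value = unquote(raw_param)
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return HOSTNAME_RE.match(value) is not None

def build_argv(raw_param):
    """Build an argument vector for a no-shell exec, e.g. subprocess.run(argv).

    The allowlist rejects a leading '-', so the value cannot be read as an option.
    """
    if not allowlist_accepts(raw_param):
        raise ValueError("rejected diagnostic target")
    return ["ping", "-c", "1", unquote(raw_param)]

# Constructed sample inputs: two valid targets, then values that must be refused.
SAMPLES = ["192.0.2.10", "host.example.com", "a;b", "192.0.2.1%60x%60", "-f"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:22} denylist={denylist_accepts(s)} allowlist={allowlist_accepts(s)}")
```

The backtick sample passes the denylist and fails the allowlist; passing the validated value as a separate argv element also removes the shell from the path, which addresses the root cause (CWE-78) rather than the filter.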
References:
http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0020.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0092.html
http://osvdb.org/37808
http://secunia.com/advisories/25902
http://www.securityfocus.com/bid/24743
http://www.vupen.com/english/advisories/2007/2417
https://exchange.xforce.ibmcloud.com/vulnerabilities/35208