CVE-2017-9328
Published: 2017-09-15

CVE-2017-9328: Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root.
Priority: P265 · Severity: critical · CVSS 3.0 base score: 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 7.38% (93.6th percentile)
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| terra-master | terramaster_operating_system | <= 3.0.33 | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| NVD | 2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
No detection rules found.
Nuclei

CVE-2017-11512 [HIGH] ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval (nuclei · CVSS 7.5)
ManageEngine ServiceDesk 9.3.9328 is vulnerable to an arbitrary file retrieval due to improper restrictions of the pathname used in the name parameter for the download-snapshot path. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.
Template:

```yaml
id: CVE-2017-11512

info:
  name: ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval
  author: 0x_Akoko
  severity: high
  description: |
    ManageEngine ServiceDesk 9.3.9328 is vulnerable to an arbitrary file retrieval due to improper restrictions of the pathname used in the name parameter for the download-snapshot path. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.
  impact: |
    An attacker can access sensi
```
No writeups or analysis indexed.