The vulnerability in the enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py script of the WebAdmin plugin allows a malicious user to execute arbitrary commands on the operating system.

🗓️ 18 Sep 2017 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

A vulnerability in WebAdmin Script.py allows shell metasymbols to execute arbitrary commands.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2017-14135	10 Nov 202400:00	–	circl
CNVD	opendreambox Operating System Command Injection Vulnerability	13 Nov 201700:00	–	cnvd
Check Point Advisories	Dreambox Opendreambox Command Execution (CVE-2017-14135)	5 Apr 202000:00	–	checkpoint_advisories
CVE	CVE-2017-14135	4 Sep 201723:00	–	cve
Cvelist	CVE-2017-14135	4 Sep 201723:00	–	cvelist
Nuclei	OpenDreambox 2.0.0 - Remote Code Execution	10 Jun 202605:11	–	nuclei
NVD	CVE-2017-14135	4 Sep 201723:29	–	nvd
Prion	Design/Logic Flaw	4 Sep 201723:29	–	prion
ThreatPost	Gitpaste-12 Worm Targets Linux Servers, IoT Devices	6 Nov 202017:34	–	threatpost
VulnCheck KEV	VulnCheck KEV: CVE-2017-14135	13 Jun 201900:00	–	vulncheck_kev

Vulners

Node

dream_multimedia opendreamboxMatch2.0

Source	Link
the-infosec	www.the-infosec.com/2017/07/05/from-shodan-to-rce-opendreambox-2-0-0-code-execution/
security-database	www.security-database.com/detail.php
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

8.1High risk

Vulners AI Score8.1

CVSS 210

EPSS0.90088

WebAdmin Script Command execution Shell metasymbols Arbitrary commands Enigma2 plugins