CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
98.5%
license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for an install action.
Vendor | Product | Version | CPE |
---|---|---|---|
op5 | monitor | * | cpe:2.3:a:op5:monitor:*:*:*:*:*:*:*:* |
op5 | monitor | 5.3.5 | cpe:2.3:a:op5:monitor:5.3.5:*:*:*:*:*:*:* |
op5 | monitor | 5.4.0 | cpe:2.3:a:op5:monitor:5.4.0:*:*:*:*:*:*:* |
op5 | monitor | 5.4.2 | cpe:2.3:a:op5:monitor:5.4.2:*:*:*:*:*:*:* |
op5 | monitor | 5.5.0 | cpe:2.3:a:op5:monitor:5.5.0:*:*:*:*:*:*:* |
op5 | system-portal | * | cpe:2.3:a:op5:system-portal:*:*:*:*:*:*:*:* |