Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-5693
HistoryJan 03, 2020 - 8:15 p.m.

CVE-2012-5693

2020-01-0320:15:00
CWE-78
[email protected]
web.nvd.nist.gov
144
bulb security
spf
remote attackers
arbitrary commands
shell metacharacters
security vulnerability
cve-2012-5693

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

8.3 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

55.0%

JSON

Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddressTB parameter to (1) remoteAttack.pl or (2) guessPassword.pl in frameworkgui/; the filename parameter to (3) CSAttack.pl or (4) SEAttack.pl in frameworkgui/; the phNo2Attack parameter to (5) CSAttack.pl or (6) SEAttack.pl in frameworkgui/; the (7) platformDD2 parameter to frameworkgui/SEAttack.pl; the (8) agentURLPath or (9) agentControlKey parameter to frameworkgui/attach2agents.pl; or the (10) controlKey parameter to frameworkgui/attachMobileModem.pl. NOTE: The hostingPath parameter to CSAttack.pl and SEAttack.pl vectors and the appURLPath parameter to attachMobileModem.pl vector are covered by CVE-2012-5878.

Related

prion 2
packetstorm 1
htbridge 2
securityvulns 4
zdt 1
cve 1
prion
prion
Code injection
2020-01-03 20:15:00
Code injection
2020-01-03 20:15:00
packetstorm
packetstorm
Smartphone Pentest Framework 0.1.3 / 0.1.4 Command Injection
2012-12-11 00:00:00
htbridge
htbridge
Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework (SPF)
2012-11-19 00:00:00
Multiple Vulnerabilities in Smartphone Pentest Framework (SPF)
2012-10-24 00:00:00
securityvulns
securityvulns
Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework
2012-12-11 00:00:00
Multiple Vulnerabilities in Smartphone Pentest Framework (SPF)
2012-11-18 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2012-12-11 00:00:00
zdt
zdt
Smartphone Pentest Framework 0.1.3 / 0.1.4 Command Injection
2012-12-12 00:00:00
cve
cve
CVE-2012-5878
2020-01-03 20:15:00

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

8.3 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

55.0%

JSON
Related for CVE-2012-5693
prion2packetstorm1htbridge2securityvulns4zdt1cve1