Lucene search

K
cveMitreCVE-2015-2844
HistoryMay 12, 2015 - 7:59 p.m.

CVE-2015-2844

2015-05-1219:59:19
CWE-78
mitre
web.nvd.nist.gov
40
cve-2015-2844
cpanel
go_site.php
goautodial goadmin ce
remote code execution
security vulnerability
nvd

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.038

Percentile

92.0%

The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1420434000 allows remote attackers to execute arbitrary commands via the $action portion of the PATH_INFO.

Affected configurations

Nvd
Node
goautodialgoadmin_ceMatch3.0
OR
goautodialgoadmin_ceMatch3.3
VendorProductVersionCPE
goautodialgoadmin_ce3.0cpe:/a:goautodial:goadmin_ce:3.0:::
goautodialgoadmin_ce3.3cpe:/a:goautodial:goadmin_ce:3.3:::

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.038

Percentile

92.0%