Lucene search
HistorySep 28, 2015 - 3:59 p.m.
CVE-2015-5082
cve-2015-5082
endian firewall
remote attackers
arbitrary commands
shell metacharacters
security vulnerability
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
Low
0.963 High
EPSS
Percentile
99.6%
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
Affected configurations
Node
endian_firewallendian_firewallRange≤2.5.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| endian_firewall:endian_firewall | endian firewall | le | 2.5.1 |
Related
openvas
openvas
Endian Firewall OS Command Injection Vulnerability
2015-10-12 00:00:00
prion
prion
Code injection
2015-09-28 15:59:00
packetstorm
packetstorm
Endian Firewall Proxy Password Change Command Injection
2015-09-07 00:00:00
cvelist
cvelist
CVE-2015-5082
2015-09-28 15:00:00
zdt
zdt
Endian Firewall Proxy Password Change Command Injection Exploit
2015-09-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Endian Firewall Proxy Password Change Command Execution (CVE-2015-5082)
2015-10-06 00:00:00
nvd
nvd
CVE-2015-5082
2015-09-28 15:59:00
exploitdb
exploitdb
Endian Firewall - Password Change Command Injection (Metasploit)
2015-09-07 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
Low
0.963 High
EPSS
Percentile
99.6%
Related for CVE-2015-5082