JVN#88277644: Keijiban Tsumiki vulenrable to OS command injection

2020-03-24T00:00:00
ID JVN:88277644
Type jvn
Reporter Japan Vulnerability Notes
Modified 2020-03-24T00:00:00

Description

## Description

Keijiban Tsumiki provided by Mash room - Free CGI - is a CGI to provide Bulletin Board System (BBS) functions.
Keijiban Tsumiki contains an OS command injection vulnerability (CWE-78).

## Impact

A remote attacker may execute an arbitrary OS command.

## Solution

Consider stop using Keijiban Tsumiki v1.15
Since the developer was unreachable, existence of any mitigations is unknown.