Lucene search
HistorySep 28, 2015 - 3:59 p.m.
CVE-2015-5082
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.963
Percentile
99.6%
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
Affected configurations
Node
endian_firewallendian_firewallRange≤2.5.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| endian_firewall | endian_firewall | * | cpe:2.3:a:endian_firewall:endian_firewall:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2015-5082
2015-09-28 15:59:00
checkpoint_advisories
checkpoint_advisories
Endian Firewall Proxy Password Change Command Execution (CVE-2015-5082)
2015-10-06 00:00:00
zdt
zdt
Endian Firewall Proxy Password Change Command Injection Exploit
2015-09-07 00:00:00
exploitdb
exploitdb
Endian Firewall < 3.0.0 - OS Command Injection
2015-06-29 00:00:00
Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)
2015-06-29 00:00:00
Endian Firewall - Password Change Command Injection (Metasploit)
2015-09-07 00:00:00
prion
prion
Code injection
2015-09-28 15:59:00
openvas
openvas
Endian Firewall OS Command Injection Vulnerability
2015-10-12 00:00:00
metasploit
metasploit
Endian Firewall Proxy Password Change Command Injection
2015-06-29 19:03:17
cvelist
cvelist
CVE-2015-5082
2015-09-28 15:00:00
packetstorm
packetstorm
Endian Firewall Proxy Password Change Command Injection
2015-09-07 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.963
Percentile
99.6%
Related for NVD:CVE-2015-5082