The web interface in chumby one before 1.0.4 and chumby classic before 1.7.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a request.
CPE | Name | Operator | Version |
---|---|---|---|
chumby_classic | eq | 1.2 | |
chumby_classic | eq | 1.4 | |
chumby_classic | le | 1.7.1 | |
chumby_classic | eq | 1.1 | |
chumby_classic | eq | 1.6 | |
chumby_classic | eq | 1.7 | |
chumby_classic | eq | 0.9 | |
chumby_classic | eq | 1.5 | |
chumby_one | eq | 1.0.2 | |
chumby_one | le | 1.0.3 |