Remote code execution

2019-09-0517:15:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.1%

JSON

A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker can send a crafted web parameter to trigger this vulnerability.

CPENameOperatorVersion
efront_lmsle5.2.12

CPE	Name	Operator	Version
	efront_lms	le	5.2.12

References

talosintelligence.com/vulnerability_reports/TALOS-2019-0858