Design/Logic Flaw

2020-04-0214:15:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.6%

JSON

Manage::Certificates in Zen Load Balancer 3.10.1 allows remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the index.cgi cert_issuer, cert_division, cert_organization, cert_locality, cert_state, cert_country, or cert_email parameter.

CPENameOperatorVersion
zen_load_balancereq3.10.1

CPE	Name	Operator	Version
	zen_load_balancer	eq	3.10.1

References

code610.blogspot.com/2020/03/pentesting-zen-load-balancer-quick.html

github.com/c610/tmp/blob/master/zenload4patreons.zip