Design/Logic Flaw

2021-02-1519:15:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.7%

JSON

Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in a backup comment.

CPENameOperatorVersion
firewall_communityeq3.3.2

CPE	Name	Operator	Version
	firewall_community	eq	3.3.2

References

github.com/MucahitSaratar/endian_firewall_authenticated_rce

sourceforge.net/projects/efw/files/Development/EFW-3.3.2/

www.endian.com/company/news/endian-community-releases-new-version-332-148/