4 matches found
CVE-2019-9507
creationtimestamp| type| source ---|---|--- 2020-03-31 03:17:21+00:00| seen| https://t.me/cibsecurity/10857...
CVE-2019-9507 The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to arbitrary remote code execution
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. Since all commands within the web application are executed as root, this could allow a remote attacker authenticated...
CVE-2019-9507
The CVE-2019-9507 issue affects Vertiv Avocent UMG-4000 web interface (version 4.2.1.19). The vulnerability is an OS command injection in the web UI, where commands are executed with root privileges after input is not properly sanitized, enabling an authenticated administrator to run arbitrary co...
Vertiv Avocent UMG-4000 vulnerable to command injection and cross-site scripting vulnerabilities
Overview The Vertiv Avocent Universal Management Gateway Model UMG-4000 is a data center management appliance. The web interface of the UMG-4000 is vulnerable to command injection, stored cross-site scripting XSS, and reflected XSS, which may allow an authenticated attacker with administrative...