CVE-2022-1410

OS Command Injection vulnerability in the dboptimize component of Device42 Asset Management Appliance allows an authenticated attacker to execute remote code on the device. This issue affects: Device42 CMDB version 18.01.00 and prior versions...

The vulnerability of the Device42 data processing infrastructure management software’s /Exago/WrImageResource.axd file allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the dboptimize function in the Device42 data center infrastructure management software applmgr/applmgrsite/views.py is related to lack of access control mechanisms. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protect...

The vulnerability of the db_optimize() function (applmgr/applmgrsite/views.py) in the Device42 data center infrastructure management software allows a perpetrator to execute arbitrary commands.

The vulnerability of the dboptimize function in the Device42 data center infrastructure management software exists because measures to neutralize special elements used in the operating system commands have not been implemented. Exploiting this vulnerability allows a remote attacker to execute...

PT-2022-4178 · Device42 · Device42 Cmdb

Name of the Vulnerable Software and Affected Versions: Device42 CMDB versions prior to 18.01.00 Description: The issue is related to improper access control in the Device42 Asset Management Appliance, specifically in the /Exago/WrImageResource.adx route. This allows an unauthenticated attacker to...