CVE-2015-2033

Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request...

Server side request forgery (ssrf)

Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request...

CVE-2015-2033

Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request...

CVE-2015-2033

CVE-2015-2033 concerns Infoblox Network Automation NetMRI’s Anyterm Daemon, vulnerable before NETMRI-23483. A remote attacker can send a crafted terminal/anyterm-module request to achieve arbitrary command execution with root privileges. The vulnerability stems from how the Anyterm Daemon handles...

OS Command Injection Infoblox Network Automation

Product: Network Automation, licensed as: • NetMRI • Switch Port Manager • Automation Change Manager • Security Device Controller Vendor: Infoblox Vulnerable Versions: 6.4.X.X-6.8.4.X Tested Version: 6.8.2.11 Vendor Notification: May 12th, 2014 Vendor Patch Availability to Customers: May 16th, 20...

CVE-2014-3419

Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors...

CVE-2014-3418

config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter...

Design/Logic Flaw

config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter...

Default credentials

Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors...

CVE-2014-3418

config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter...

CVE-2014-3419

Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors...

CVE-2014-3419

CVE-2014-3419 concerns Infoblox NetMRI prior to 6.8.5, where a weak local MySQL credential (default root: root) enables an authenticated OS user to access databases, enabling OS command injection through the affected NetMRI components. Connected sources confirm vulnerable product families include...

CVE-2014-3418

CVE-2014-3418 affects Infoblox NetMRI (Network Automation products) prior to version 6.8.5. The vulnerability is an OS command injection in the web interface, caused by insufficient sanitization of the skipjackUsername parameter in login.tdf, enabling a remote attacker to execute arbitrary comman...

Infoblox NetMRI < 6.8.5 OS Command Injection Vulnerability - Active Check

Infoblox NetMRI is prone to an OS command injection vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Infoblox 6.8.2.11 - OS Command Injection

No description provided by source. Product: Network Automation, licensed as: • NetMRI • Switch Port Manager • Automation Change Manager • Security Device Controller Vendor: Infoblox Vulnerable Versions: 6.4.X.X-6.8.4.X Tested Version: 6.8.2.11 Vendor Notification: May 12th, 2014 Vendor Patch...

Infoblox 6.8.2.11 - OS Command Injection

Product: Network Automation, licensed as: • NetMRI • Switch Port Manager • Automation Change Manager • Security Device Controller Vendor: Infoblox Vulnerable Versions: 6.4.X.X-6.8.4.X Tested Version: 6.8.2.11 Vendor Notification: May 12th, 2014 Vendor Patch Availability to Customers: May 16th, 20...

Infoblox 6.8.2.11 - OS Command Injection

Infoblox 6.8.2.11 - OS Command Injection Product: Network Automation, licensed as: • NetMRI • Switch Port Manager • Automation Change Manager • Security Device Controller Vendor: Infoblox Vulnerable Versions: 6.4.X.X-6.8.4.X Tested Version: 6.8.2.11 Vendor Notification: May 12th, 2014 Vendor Patc...

Infoblox 6.8.2.11 - OS Command Injection / Weak MySQL Password Vulnerability

Infoblox versions 6.4.x.x through 6.8.4.x suffer from a remote OS command injection and use a default login of root with password root on their MySQL instances. Product: Network Automation, licensed as: • NetMRI • Switch Port Manager • Automation Change Manager • Security Device Controller Vendor...

Infoblox 6.8.4.x OS Command Injection

Product: Network Automation, licensed as: • NetMRI • Switch Port Manager • Automation Change Manager • Security Device Controller Vendor: Infoblox Vulnerable Versions: 6.4.X.X-6.8.4.X Tested Version: 6.8.2.11 Vendor Notification: May 12th, 2014 Vendor Patch Availability to Customers: May 16th, 20...

Infoblox 6.8.4.x Weak MySQL Password

Product: Network Automation • NetMRI • Switch Port Manager • Automation Change Manager • Security Device Controller Vendor: InfoBlox Vulnerable Versions: 6.4.X.X-6.8.4.X Tested Version: 6.8.2.11 Vendor Notification: May 12th, 2014 Public Disclosure: July 9th, 2014 Vulnerability Type: OS Command...