9 matches found
OTRS 5.x <= 5.0.24 and 6.x <= 6.0.1 RCE Vulnerability
OTRS is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if...
Open Ticket Request System Remote Code Execution Vulnerability
Open Ticket Request System OTRS is an open source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted through various channels such as phone calls, emails, etc. into different queues and service levels, and the service...
CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System OTRS 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server...
DEBIAN-CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System OTRS 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server...
CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System OTRS 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server...
Remote code execution
DISPUTED In the Admin Package Manager in Open Ticket Request System OTRS 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on th...
CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System OTRS 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server...
CVE-2018-7567
CVE-2018-7567 affects Open Ticket Request System (OTRS) Admin Package Manager, with RCE via loading a crafted opm file containing a CodeInstall element. Vulnerable versions: OTRS 5.0.0–5.0.24 and 6.0.0–6.0.1. The issue requires authentication of admin users and can execute commands on the server ...
CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System OTRS 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server...