Lucene search
K

4 matches found

CVE
CVE
added 2017/08/22 3:0 p.m.69 views

CVE-2015-2857

CVE-2015-2857 affects Accellion File Transfer Appliance (FTA) prior to FTA_9_11_210. The vulnerability allows remote code execution via shell metacharacters in the oauth_token parameter, caused by insufficient input sanitization. Public references and sightings indicate exploit tooling exist (e.g...

9.8CVSS9.6AI score0.84178EPSS
Exploits12References4Affected Software1
Check Point Advisories
Check Point Advisories
added 2016/09/25 12:0 a.m.25 views

Accellion FTA getStatus verify_oauth_token Command Execution (CVE-2015-2857)

A command execution vulnerability exists in Accellion File Transfer appliance. The vulnerability is due to insufficient sanitization of the oauthtoken parameter. A remote attacker can exploit this vulnerability by sending crafted request to the affected appliance...

7.5CVSS5.3AI score0.84178EPSS
Exploits12
Packet Storm
Packet Storm
added 2015/07/13 12:0 a.m.30 views

Accellion FTA getStatus verify_oauth_token Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Accellion FTA getStatus verifyoauthtoken Command Execution', 'Description' = %q This module exploits a metacharacter shell injection...

9.2CVSS0.3AI score0.84178EPSS
Exploits12
Circl
Circl
added 2015/07/13 12:0 a.m.14 views

CVE-2015-2857

creationtimestamp| type| source ---|---|--- 2015-07-13 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37597 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/accellionftagetstatusoauth.rb 2025-02-06...

9.8CVSS7.2AI score0.84178EPSS
Exploits12References2
Rows per page
Query Builder