3 matches found
CVE-2017-18025
cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter...
Innotube ITGuard-Manager Remote Code Execution (CVE-2017-18025)
A remote code execution vulnerability exists in Innotube ITGuard-Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2017-18025
CVE-2017-18025 concerns Innotube ITGuard-Manager 0.0.0.1, where the CGI endpoint cgi-bin/drknow.cgi allows remote command execution via shell metacharacters in the username field (demonstrated with a username starting with ‘admin|’). The root cause is improper handling of user-controlled input in...