3 matches found
CVE-2020-12149
The configuration backup/restore function in Silver Peak Unity ECOSTM ECOS appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This...
CVE-2020-12149
CVE-2020-12149 affects Silver Peak Unity ECOS appliances and relates to a command injection in the configuration backup/restore function. The root cause is that the user-controlled config filename is incorporated directly into a subsequent shell command, enabling an authenticated attacker with ac...
CVE-2020-12149 OS Command Injection - Management File Upload
The configuration backup/restore function in Silver Peak Unity ECOSTM ECOS appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This...