3 matches found
CVE-2020-13167
Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php with certain Referer headers launches a command line with client-supplied parameters, and allows injection of shell metacharacters...
CVE-2020-13167
Affected software: Netsweeper WebAdmin (Web content filtering) up to version 6.4.3. Vulnerability type & root cause: unauthenticated remote code execution via webadmin/tools/unixlogin.php where, with certain Referer headers, the command line is invoked with client-supplied parameters allowing she...
CVE-2020-13167
creationtimestamp| type| source ---|---|--- 2020-05-12 17:33:55+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/netsweeperwebadminunixlogin.rb 2025-01-07 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-07...