CVE-2017-18025

cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter...

EUVD-2017-9165

Malware in sbrugna...

Innotube ITGuard-Manager Remote Code Execution (CVE-2017-18025)

A remote code execution vulnerability exists in Innotube ITGuard-Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

The vulnerability of the drknow.cgi script in the Innotube ITGuard-Manager system management, control, and information security system allows a perpetrator to execute arbitrary operating system commands.

The vulnerability of the drknow.cgi cgi-bin/drknow.cgi script of the Innotube ITGuard-Manager system management, control, and information security system is related to the failure to implement measures to neutralize special elements used in the operating system’s command set. Exploiting this...

Innotube ITGuard-Manager cgi-bin/drknow.cgi file remote code execution vulnerability

Innotube ITGuard-Manager is an IT asset management system. A security vulnerability exists in the cgi-bin/drknow.cgi file in Innotube ITGuard-Manager version 0.0.0.1. The vulnerability can be exploited by a remote attacker to execute arbitrary operating system commands via shell metacharacters in...

CVE-2017-18025

cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter...

CVE-2017-18025

cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter...

Design/Logic Flaw

cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter...

CVE-2017-18025

cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter...

CVE-2017-18025

CVE-2017-18025 concerns Innotube ITGuard-Manager 0.0.0.1, where the CGI endpoint cgi-bin/drknow.cgi allows remote command execution via shell metacharacters in the username field (demonstrated with a username starting with ‘admin|’). The root cause is improper handling of user-controlled input in...

ITGuard-Manager 0.0.0.1 - Remote Code Execution

ITGuard-Manager 0.0.0.1 - Remote Code Execution Vulnerability Title: ITGuard-Manager V0.0.0.1 PreAuth Remote Code Execution Author: Nassim Asrir Contact: [email protected] / @asrirnassim CVE: Waiting ... CVSS:...

ITGuard-Manager 0.0.0.1 Remote Command Execution

Vulnerability Title: ITGuard-Manager V0.0.0.1 PreAuth Remote Code Execution Author: Nassim Asrir Contact: [email protected] / @asrirnassim CVE: Waiting ... CVSS: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H/E:H/MAV:P3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H/E:H/MAV:P Vendor: http://www.innotube.co...

ITGuard-Manager 0.0.0.1 - Remote Code Execution Exploit

Exploit for cgi platform in category remote exploits Vulnerability Title: ITGuard-Manager V0.0.0.1 PreAuth Remote Code Execution Author: Nassim Asrir Contact: email protected / @asrirnassim CVE: Waiting ... CVSS:...

ITGuard-Manager 0.0.0.1 - Remote Code Execution

Vulnerability Title: ITGuard-Manager V0.0.0.1 PreAuth Remote Code Execution Author: Nassim Asrir Contact: [email protected] / @asrirnassim CVE: Waiting ... CVSS: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H/E:H/MAV:P3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H/E:H/MAV:P Vendor: http://www.innotube.co...