4 matches found
Netsweeper <=6.4.3 - Python Code Injection
Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php with certain Referer headers launches a command line with client-supplied parameters, and allows injection of shell metacharacters. id: CVE-2020-13167 info: name: Netsweeper =6.4.4 to mitiga...
VulnCheck KEV: CVE-2020-13167
Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php with certain Referer headers launches a command line with client-supplied parameters, and allows injection of shell metacharacters...
Netsweeper Injection Vulnerability
Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in the /webadmin/tools/unixlogin.php script in Netsweeper versions 6.4.3 and earlier. An attacker could exploit the vulnerability to execute code...
CVE-2020-13167
Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php with certain Referer headers launches a command line with client-supplied parameters, and allows injection of shell metacharacters. Recent assessments: wvu-r7 at May 21, 2020 5:51am UTC...