Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.
9.8CVSS
9.7AI Score
0.968EPSS
Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account.
9.8CVSS
9.5AI Score
0.007EPSS