Lucene search
John LeitchZDI-14-136HistoryMay 19, 2014 - 12:00 a.m.
Cogent DataHub Command Injection Remote Code Execution Vulnerability
2014-05-1900:00:00
John Leitch
www.zerodayinitiative.com
18
0.298 Low
EPSS
Percentile
96.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cogent DataHub. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetPermissions.asp component of the web server. This active server page is vulnerable to command injection which allows an attacker to execute arbitrary code in the context of the DataHub process.
References
Related
zdt
zdt
Cogent DataHub Command Injection Exploit
2014-06-27 00:00:00
prion
prion
Command injection
2014-05-22 23:55:00
cve
cve
CVE-2014-3789
2014-05-22 23:55:03
ics
ics
Cogent DataHub Code Injection Vulnerability
2018-09-06 12:00:00
Cogent DataHub Code Injection Vulnerability
2018-08-27 12:00:00
packetstorm
packetstorm
Cogent DataHub Command Injection
2014-06-25 00:00:00
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2014-3789
2014-05-22 23:55:03
zdi
zdi
Cogent DataHub Gamma Command Injection Remote Code Execution Vulnerability
2015-09-08 00:00:00
cvelist
cvelist
CVE-2014-3789
2014-05-22 23:00:00
nessus
nessus
Cogent DataHub < 7.3.5 Multiple Vulnerabilities
2014-06-19 00:00:00