mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
894 B
894 B
CVE-2016-11017
Description
The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a failed login attempt returns the command-injection output to a limited login failure field). This is fixed in 16.6.
POC
Reference
- https://ctrlu.net/vuln/0002.html
- https://ctrlu.net/vuln/0002.html
- https://www.exploit-db.com/exploits/39564
- https://www.exploit-db.com/exploits/39564
Github
No PoCs found on GitHub currently.