mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
836 B
836 B
CVE-2015-5453
Description
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl.
POC
Reference
- http://packetstormsecurity.com/files/132498/Watchguard-XCS-10.0-SQL-Injection-Command-Execution.html
- http://packetstormsecurity.com/files/133721/Watchguard-XCS-Remote-Command-Execution.html
- https://www.exploit-db.com/exploits/38346/
Github
No PoCs found on GitHub currently.