System command injection in the ... CVE-2018-14699

7.5 AV AC AU C I A
发布: 2018-12-03
修订: 2019-01-17

System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息