Required CVE Record Information
Description
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call.
References 8 Total
- http://secunia.com/secunia_research/2014-8/
- exchange.xforce.ibmcloud.com: vmturbo-cve20145073-cmd-exec(95319) vdb-entry
- http://packetstormsecurity.com/files/127864/VMTurbo-Operations-Manager-4.6-vmtadmin.cgi-Remote-Command-Execution.html
- osvdb.org: 109572 vdb-entry
- secunia.com: 58880 third-party-advisory
- securityfocus.com: 69225 vdb-entry
- exploit-db.com: 34335 exploit
- http://disse.cting.org/2014/07/30/vmturbo-operation-manager-remote-command-execution/
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 8 Total
- http://secunia.com/secunia_research/2014-8/ x_transferred
- exchange.xforce.ibmcloud.com: vmturbo-cve20145073-cmd-exec(95319) vdb-entryx_transferred
- http://packetstormsecurity.com/files/127864/VMTurbo-Operations-Manager-4.6-vmtadmin.cgi-Remote-Command-Execution.html x_transferred
- osvdb.org: 109572 vdb-entryx_transferred
- secunia.com: 58880 third-party-advisoryx_transferred
- securityfocus.com: 69225 vdb-entryx_transferred
- exploit-db.com: 34335 exploitx_transferred
- http://disse.cting.org/2014/07/30/vmturbo-operation-manager-remote-command-execution/ x_transferred