Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5010

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-5010
Last Modified 16 Feb 2012 11:10:49
Published 24 Dec 2011 08:55:04
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-5010

Summary

apps/a3/cfg_ethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action.

Vulnerable Systems


References

EXPLOIT-DB - 18172

SECUNIA - 47003

OSVDB - 77497

MISC - http://dev.metasploit.com/redmine/issues/5610

BID - 50867


Last Updated: 27 May 2016 10:57:17