Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2010-02-19 17:30
Updated : 2024-02-28 11:41
NVD link : CVE-2009-4644
Mitre link : CVE-2009-4644
CVE.ORG link : CVE-2009-4644
JSON object : View
Products Affected
accellion
- secure_file_transfer_appliance
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')