CVE-2017-6087

EyesOfNetwork ("EON") 5.0 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.php or the (4) module parameter to module/index.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:eonweb_project:eonweb:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-03-24 14:59

Updated : 2024-02-28 15:44


NVD link : CVE-2017-6087

Mitre link : CVE-2017-6087

CVE.ORG link : CVE-2017-6087


JSON object : View

Products Affected

eonweb_project

  • eonweb
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')