Summary
Eaton Network Shutdown Module is prone to a remote PHP code-execution vulnerability.
An attacker can exploit this issue to inject and execute arbitrary malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying system
other attacks are also possible.
Network Shutdown Module 3.21 build 01 is vulnerable other versions
may also be affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Atlassian JIRA FishEye and Crucible Plugins XML Parsing Unspecified Security Vulnerability
- Admin Bot 'news.php' SQL Injection Vulnerability
- Apple Safari PDF Javascript Security Bypass Bypass Vulnerability
- ActualAnalyzer Lite 'ant' Cookie Parameter Remote Command Execution Vulnerability
- ArticleFR CMS 'id' Parameter SQL Injection Vulnerability