Summary
Multiple IQ Invisions products are prone to a command-injection vulnerability.
Impact
Exploiting this issue could allow an attacker to execute arbitrary commands in the context of the affected device.
Solution
Ask the Vendor for an update.
Detection
Send a HTTP GET request and check the response.
References
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
- ArticleSetup Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
- A Really Simple Chat Multiple SQL Injection Vulnerabilities
- Apple Safari RSS Feed Information Disclosure Vulnerability
- Admin Bot 'news.php' SQL Injection Vulnerability