System command injection in the ... CVE-2018-14701

7.5 AV AC AU C I A
发布: 2018-12-03
修订: 2019-03-25

System command injection in the /DroboAccess/delete_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息