E18-rumj1
CVSS:
9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
False Positive:
t
Variants:
6
Year:
2018
Description
This strike exploits a remote command execution in Imperva SecureSphere Web Application Firewall. The vulnerability resides in the lack of sanitization of the installer-address parameter when the server statues is being queried. By exploiting this flaw, an attacker will be able to execute commands as the root user on the host system.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}