← back
CVE-2017-6320

CVE-2017-6320

EPSS 11.1%
A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11-26) and v6.0.1.006 (2016-08-19); fixed in 6.1.0.003 (2017-01-17)) in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability stems from unsanitized data being processed in a system call when the delete_assessment command is issued.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/42333/unverifiedexploitdbwww.exploit-db.com/exploits/42333unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://campus.barracuda.com/product/loadbalanceradc/article/ADC/ReleaseNotes610003/https://www.exploit-db.com/exploits/42333/