← back
CVE-2019-10863

CVE-2019-10863

EPSS 13.4%
A command injection vulnerability exists in TeemIp versions before 2.4.0. The new_config parameter of exec.php allows one to create a new PHP file with the exception of config information. The malicious PHP code sent is executed instantaneously and is not saved on the server.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/46641/unverifiedcve_referencewww.exploit-db.com/exploits/46641unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://pentest.com.tr/exploits/TeemIp-IPAM-2-4-0-new-config-Command-Injection-Metasploit.htmlhttps://www.exploit-db.com/exploits/46641https://www.exploit-db.com/exploits/46641/