← voltar
CVE-2014-5362

CVE-2014-5362

EPSS 3.2%
The admin interface in Landesk Management Suite 9.6 and earlier allows remote attackers to conduct remote file inclusion attacks involving ASPX pages from third-party sites via the d parameter to (1) ldms/sm_actionfrm.asp or (2) remote/frm_coremainfrm.aspx; or the (3) top parameter to remote/frm_splitfrm.aspx.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/131496/Landesk-Management-Suite-9.5-RFI-CSRF.htmlhttp://www.securityfocus.com/archive/1/535286/100/1100/threadedhttp://www.securityfocus.com/bid/74190http://www.securitytracker.com/id/1032203