Restorepoint 'remote_support.cgi' Remote Command Injection Vulnerability
BID:50988
Info
Restorepoint 'remote_support.cgi' Remote Command Injection Vulnerability
| Bugtraq ID: | 50988 |
| Class: | Input Validation Error |
| CVE: |
CVE-2011-4201 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 08 2011 12:00AM |
| Updated: | Dec 08 2011 12:00AM |
| Credit: | Tavaris Desamito |
| Vulnerable: |
TADASoft Restorepoint 3.2 Evaluation |
| Not Vulnerable: |
TADASoft Restorepoint 3.3 Evaluation |
Discussion
Restorepoint 'remote_support.cgi' Remote Command Injection Vulnerability
Restorepoint is prone to a remote command-injection vulnerability.
Attackers can exploit this issue to execute arbitrary commands in the context of the application.
Restorepoint 3.2 Evaluation is affected; other versions may also be vulnerable.
Restorepoint is prone to a remote command-injection vulnerability.
Attackers can exploit this issue to execute arbitrary commands in the context of the application.
Restorepoint 3.2 Evaluation is affected; other versions may also be vulnerable.
Exploit / POC
Restorepoint 'remote_support.cgi' Remote Command Injection Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Restorepoint 'remote_support.cgi' Remote Command Injection Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Restorepoint 'remote_support.cgi' Remote Command Injection Vulnerability
References:
References:
- MATTA-2011-003 (Tavaris Desamito)
- Restorepoint Homepage (TADASoft )