|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-10-24 | |
| Rule Name: | Spon IP Intercom Remote command execution vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Spon has a remote command execution vulnerability. The vulnerability is caused by the existence of the connectivity test file ping.php and the unfiltered user input, which allows an unauthenticated malicious attacker to construct malicious HTTP requests and cause remote arbitrary command execution. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |