|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-04-03 | |
| Rule Name: | Netentsec NS-ASG getsysdatetime.php Remote Command Execution Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The getsysdatetime.php file of Netentsec NS-ASG security gateway has a remote command execution vulnerability. The vulnerability is caused by not filtering the value of the messagecontent parameter sufficiently, which allows an attacker to inject arbitrary commands through the parameter to gain server privileges. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |