|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-04-03 | |
| Rule Name: | Panabit Panalog Command Execution Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Panalog is a traffic analysis, log analysis and management software. The Panalog big data log audit system sy_query.php has a command execution vulnerability. The vulnerability is that the value of the username parameter is not fully filtered, which leads to an attacker injecting any command through the parameter to obtain the server permission. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |