|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-06-25 | |
| Rule Name: | AJ-Report Remote Command Execution Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | AJ-Report is an entirely open-source BI platform. The platform can execute commands through the post method in the corresponding value of the validationRules parameter, which can obtain server permissions and take over the management console by logging into the backend. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |