Main
Vulnerability Database
Exploits
ID:3982 - Exploit for OS Command Injection in NetMRI - CVE-2014-3418
ID:3982 - Exploit for OS Command Injection in NetMRI - CVE-2014-3418
Published: August 11, 2020
Vulnerability identifier: #VU41476
Vulnerability risk: High
CVE-ID: CVE-2014-3418
CWE-ID: CWE-78
Exploitation vector: Remote access
Vulnerable software:
NetMRI
NetMRI
Link to public exploit:
Vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.
Remediation
Install update from vendor's website.