Main Vulnerability Database Exploits ID:4101 - Exploit for Input validation error in Redmine - CVE-2011-4929

ID:4101 - Exploit for Input validation error in Redmine - CVE-2011-4929

Published: August 11, 2020

Vulnerability identifier: #VU43417

Vulnerability risk: Medium

CVE-ID: CVE-2011-4929

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Redmine

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/unix/webapp/redmine_scm_exec

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to execute arbitrary commands via unknown vectors.

Remediation

Install update from vendor's website.

ID:4101 - Exploit for Input validation error in Redmine - CVE-2011-4929

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human