Main
Vulnerability Database
Exploits
ID:58 - Exploit for Command injection in SenNet Data Logger - CVE-2017-6048
ID:58 - Exploit for Command injection in SenNet Data Logger - CVE-2017-6048
Published: March 18, 2020
Vulnerability identifier: #VU6550
Vulnerability risk: High
CVE-ID: CVE-2017-6048
CWE-ID: CWE-77
Exploitation vector: Remote access
Vulnerable software:
SenNet Data Logger
SenNet Data Logger
Link to public exploit:
Vulnerability description
The vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on a targeted system.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can break out the jailed shell, gain elevated privileges and execute arbitrary commands on the system.
Successful exploitation of the vulnerability may result in full system compromise.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can break out the jailed shell, gain elevated privileges and execute arbitrary commands on the system.
Successful exploitation of the vulnerability may result in full system compromise.
Remediation
Install update from vendor's website.