Vulnerability identifier: #VU35778
Vulnerability risk: High
Exploitation vector: Network
Exploit availability: No
Pulse Connect Secure
Server applications / Remote access servers, VPN
Vendor: Pulse Secure
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An input validation issue has been found with login_meeting.cgi in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2.
Install update from vendor's website.
Vulnerable software versions
Pulse Connect Secure: 8.3
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?