CyberSec.Space Logo
返回 CVE 浏览器

CVE-2009-4644

CRITICAL
9.0
CVSS Severity Score
EPSS Score0.1520%
EPSS Percentile13.02th
Published2010年2月19日
Last Modified2026年4月29日

Vulnerability Description

Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program.

Affected Platforms (CPE)

🔌
Accellion

Secure File Transfer Appliance

= 7_0_135
🔌
Accellion

Secure File Transfer Appliance

= 7_0_178
🔌
Accellion

Secure File Transfer Appliance

= 7_0_189
🔌
Accellion

Secure File Transfer Appliance

= 7_0_259
🔌
Accellion

Secure File Transfer Appliance

= 7_0_296

References & Advisories

🔗 http://www.portcullis-security.com/338.php
🔗 http://www.securityfocus.com/bid/38176
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/56248
🔗 http://www.portcullis-security.com/338.php
🔗 http://www.securityfocus.com/bid/38176
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/56248

相关漏洞威胁

CVE-2009-46469.0

Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote ...

CVE-2018-14538.8

IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous type...

CVE-2009-46457.8

Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows ...

CVE-2009-46487.2

Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that...