CyberSec.Space Logo
返回 CVE 浏览器

CVE-2015-2033

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1490%
EPSS Percentile12.59th
Published2015年2月20日
Last Modified2026年5月6日

Vulnerability Description

Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request.

Affected Platforms (CPE)

📦
Infoblox

Netmri

<= 6.8.2.11

References & Advisories

🔗 http://unsecurityresearch.com/index.php?option=com_content&view=article&id=46&Itemid=53
🔗 http://www.securityfocus.com/bid/73423
🔗 https://support.infoblox.com/app/answers/detail/a_id/3666/kw/NETMRI-23483
🔗 http://unsecurityresearch.com/index.php?option=com_content&view=article&id=46&Itemid=53
🔗 http://www.securityfocus.com/bid/73423
🔗 https://support.infoblox.com/app/answers/detail/a_id/3666/kw/NETMRI-23483

相关漏洞威胁

CVE-2014-341810.0

config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacha...

CVE-2014-34197.2

Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for loca...

CVE-2018-66436.1

Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter.

CVE-2016-64846.1

CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP h...