Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application. Command injection attacks are possible largely due to insufficient input validation.
CVSS Information
N/A
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Versa Director 命令注入漏洞
Vulnerability Description
Versa Networks Versa Director是美国Versa Networks公司的一个虚拟化和服务创建平台。可简化使用Versa FlexVNF的服务创建,自动化和交付。 Versa Director 中存在命令注入漏洞,该漏洞源于未对用户输入做有效的判断,攻击者可通过不安全的应用程序将数据(表单、cookie、HTTP头等)传递给系统shell时引发命令注入。
CVSS Information
N/A
Vulnerability Type
N/A