Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain :password and a password field can contain shell metacharacters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Barracuda CloudGen WAN 操作系统命令注入漏洞
Vulnerability Description
Barracuda Networks Barracuda CloudGen WAN是美国梭子鱼(Barracuda Networks)公司的通过 Azure 虚拟 WAN 轻松地将您的所有位置连接到 Microsoft 全球网络的工具。 Barracuda CloudGen WAN Private Edge Gateway devices 8 webui-sdwan-1089-8.3.1-174141891之前版本存在安全漏洞。攻击者利用该漏洞通过特制的HTTP请求执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A