astrocam.cgi in AstroCam 0.9-1-1 up to and including 1.4.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 up to and including 2.1.2, but the vendor explicitly stated that these were incorrect.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
astrocam astrocam 0.9-1-1 |
||
astrocam astrocam 0.9-5-1 |
||
astrocam astrocam 0.9-7-3 |
||
astrocam astrocam 1.0.1 |
||
astrocam astrocam 1.4 |