Endian Firewall prior to 3.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
endian firewall endian firewall |