Xplico prior to 1.2.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the name of an uploaded PCAP file. NOTE: this issue can be exploited without authentication by leveraging the user registration feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xplico xplico |