An OS Command Injection vulnerability in the configuration parser of Eve-NG Professional up to and including 4.0.1-65 and Eve-NG Community up to and including 2.0.3-112 allows a remote authenticated malicious user to execute commands as root by editing virtualization command parameters of imported UNL files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eve-ng eve-ng |