Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2017-11366
HistoryAug 21, 2017 - 1:29 a.m.

CVE-2017-11366

2017-08-2101:29:00
CWE-78
[email protected]
web.nvd.nist.gov
38
codiad
2.8.4
remote command execution
vulnerability
nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.041 Low

EPSS

Percentile

92.2%

JSON

components/filemanager/class.filemanager.php in Codiad before 2.8.4 is vulnerable to remote command execution because shell commands can be embedded in parameter values, as demonstrated by search_file_type.

Affected configurations

NVD
Node
codiadcodiadRange2.8.3
CPENameOperatorVersion
codiad:codiadcodiadle2.8.3

Related

prion 2
github 2
osv 4
veracode 2
nvd 4
cvelist 2
cve 3
checkpoint_advisories 1
prion
prion
Command injection
2017-08-21 01:29:00
Remote code execution
2018-07-12 16:29:00
github
github
Codiad Vulnerable to Shell Command Injection
2022-05-13 01:42:17
Codiad remote code execution vulnerability
2022-05-13 01:11:16
osv
osv
CVE-2017-11366
2017-08-21 01:29:00
Codiad Vulnerable to Shell Command Injection
2022-05-13 01:42:17
CVE-2018-14009
2018-07-12 16:29:06
veracode
veracode
Remote Command Execution (RCE)
2017-08-21 09:24:23
Remote Code Execution (RCE)
2017-08-25 08:56:17
nvd
nvd
CVE-2017-11366
2017-08-21 01:29:00
CVE-2017-1000165
2017-08-21 00:29:00
CVE-2017-1000124
2017-08-21 01:29:00
cvelist
cvelist
CVE-2017-11366
2017-08-21 01:00:00
CVE-2018-14009
2018-07-12 16:00:00
cve
cve
CVE-2017-1000165
2022-10-03 16:23:10
CVE-2017-1000124
2022-10-03 16:23:10
CVE-2018-14009
2018-07-12 16:29:06
checkpoint_advisories
checkpoint_advisories
Codiad Remote Code Execution (CVE-2018-14009; CVE-2017-11366; CVE-2017-15689)
2021-04-05 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.041 Low

EPSS

Percentile

92.2%

JSON
Related for CVE-2017-11366
prion2github2osv4veracode2nvd4cvelist2cve3checkpoint_advisories1