CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
85.6%
securityfocus reports:
An attacker with local access could potentially exploit this issue
to perform symbolic-link attacks, overwriting arbitrary files in the
context of the affected application.
Successfully mounting a symlink attack may allow the attacker to
delete or corrupt sensitive files, which may result in a denial of
service. Other attacks may also be possible.
Verlihub is prone to a remote command-execution vulnerability
because it fails to sufficiently validate user input.
Successfully exploiting this issue would allow an attacker to
execute arbitrary commands on an affected computer in the context of
the affected application.