The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-06-03T19:00:05
Updated: 2024-08-05T19:42:22.207Z
Reserved: 2017-09-27T00:00:00
Link: CVE-2017-14853
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-06-03T19:29:00.500
Modified: 2019-06-04T19:17:52.450
Link: CVE-2017-14853
Redhat
No data.