Description
A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-51279 | A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system. |
References
| Link | Providers |
|---|---|
| https://www.securifera.com/advisories/cve-2022-48583/ |
|
History
Thu, 10 Oct 2024 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: Securifera
Published:
Updated: 2024-10-10T14:52:38.496Z
Reserved: 2023-08-09T16:58:35.310Z
Link: CVE-2022-48583
Updated: 2024-08-03T15:17:55.274Z
Status : Modified
Published: 2023-08-09T18:15:11.187
Modified: 2026-06-17T05:15:38.973
Link: CVE-2022-48583
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
EUVD