Executive Summary

Informations
Name CVE-2012-0262 First vendor Publication 2013-12-31
Vendor Cve Last vendor Modification 2014-01-02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0262

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-94 Failure to Control Generation of Code ('Code Injection')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 15

OpenVAS Exploits

Date Description
2012-01-09 Name : op5 Appliance Multiple Remote Command Execution Vulnerabilities
File : nvt/gb_op5_51212.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
78065 op5 Appliance system-op5config Component op5config/welcome password Parameter...

op5 Appliance contains an input validation flaw related to the system-op5config component that allows a remote attacker to execute arbitrary shell commands via command injection.

Nessus® Vulnerability Scanner

Date Description
2012-01-17 Name : The remote web server hosts a PHP application that is vulnerable to arbitrary...
File : op5_config_command_execution.nasl - Type : ACT_ATTACK

Sources (Detail)

Source Url
CONFIRM http://www.op5.com/news/support-news/fixed-vulnerabilities-op5-monitor-op5-ap...
https://bugs.op5.com/view.php?id=5094
FULLDISC http://seclists.org/fulldisclosure/2012/Jan/62
MISC http://www.ekelow.se/file_uploads/Advisories/ekelow-aid-2012-01.pdf
OSVDB http://www.osvdb.org/78065
SECUNIA http://secunia.com/advisories/47417

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
Date Informations
2021-05-05 01:09:54
  • Multiple Updates
2021-05-04 12:19:00
  • Multiple Updates
2021-04-22 01:22:43
  • Multiple Updates
2020-05-23 13:16:59
  • Multiple Updates
2020-05-23 01:47:54
  • Multiple Updates
2020-05-23 00:32:39
  • Multiple Updates
2016-06-28 18:58:53
  • Multiple Updates
2016-04-26 21:25:00
  • Multiple Updates
2016-03-06 05:24:18
  • Multiple Updates
2016-03-06 00:24:25
  • Multiple Updates
2014-02-17 11:07:16
  • Multiple Updates
2014-01-03 21:19:54
  • Multiple Updates
2014-01-01 00:18:40
  • First insertion