VU#947701: Freewill Solutions IFIS new trading web application vulnerable to unauthenticated remote code execution

Opsfolio Community
August 7, 2023, 2 months ago
29

Overview Freewill Solutions IFIS new trading web application version 20.01.01.04 is vulnerable to unauthenticated remote code execution. Successful exploitation of this vulnerability allows an attacker to run arbitrary shell commands on the affected host. Description Freewill Solutions IFIS new trading web application passes a user controlled variable directly to a shell_exec function call on a specific report page. To exploit the vulnerability, an attacker can add shell meta characters to the user controlled variable so that the application executes attacker...

Source: https://kb.cert.org/vuls/id/947701

VU#947701: Freewill Solutions IFIS new trading web application vulnerable to unauthenticated remote code execution

VU#947701: Freewill Solutions IFIS new trading web application vulnerable to unauthenticated remote code execution

Subscribe To Our Newsletter!

Popular Posts

What A Cybersecurity Degree Teach You About Protecting Businesses Against Threats

Steps to creating a healthcare app

Cybersecurity Tips For Freelance Healthcare Workers

How to Create a Secure Healthcare Website?

How to keep your child safe from infections when you are not at home?

POPULAR Media

Ransomware Payouts Are On The Rise

Defense Against Socially Engineered Attacks

Address Ransomware With Multiple Layered Security

Hitrust – Streamlining the Compliance Process