Share:

CVE-2019-11364 - Prophecyinternational Snare Central

August 30, 2019

Critical 7.2

An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.

Affected software

Prophecyinternational Snare Central

Reference links

https://prophecyinternational.atlassian.net/wiki/spaces/SC7/pages/158760961/Release+Notes+for+Snare+Central+v7.4.5

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.