Remote Command Execution Vulnerability in Fujitsu-Siemens WebTransactions
CVE-2008-5810

Currently unrated

Key Information:

Vendor: Fujitsu-siemens
Status: Webtransactions
Vendor: CVE Published:; 2 January 2009

Summary

The vulnerability in Fujitsu-Siemens WebTransactions, specifically within WBPublish, allows remote attackers to exploit improper handling of HTTP input. By injecting shell metacharacters, attackers can manipulate session data, such as directory names, template names, and session IDs, leading to the potential execution of arbitrary commands on the server.

References

http://www.sec-consult.com/files/20081219-0_fujitsu-sieme...

x_refsource_MISC

http://bs2www.fujitsu-siemens.de/update/securitypatch.htm...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/47495

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 2, 2009
Vulnerability Reserved
Jan 2, 2009