Arbitrary Command Execution in Brocade Vyatta vRouter Management Console
CVE-2014-4868

Currently unrated

Key Information:

Vendor: Brocade
Status: Vyatta 5400 Vrouter Software; Vyatta 5400 Vrouter
Vendor: CVE Published:; 7 October 2014

What is CVE-2014-4868?

The management console of the Brocade Vyatta 5400 vRouter versions 6.4R(x), 6.6R(x), and 6.7R1 is susceptible to a vulnerability that allows remote authenticated users to inject and execute arbitrary Linux commands. This can be exploited through the use of shell metacharacters in console commands, which can potentially lead to unauthorized actions within the system.

References

http://www.kb.cert.org/vuls/id/111588

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Oct 7, 2014
Vulnerability Reserved
Jul 10, 2014