Command Injection Vulnerability in Novell Filr Products
CVE-2016-1608

8.8HIGH

Key Information:

Vendor: Novell
Status: Filr
Vendor: CVE Published:; 1 August 2016

🔔 Create Novell Vulnerability Alert

What is CVE-2016-1608?

The vulnerability in Novell Filr allows remote authenticated users to execute arbitrary commands through the exploitation of shell metacharacters in the ntpServer parameter. This can lead to unauthorized actions being performed on the server, potentially compromising the security of the affected system.

References

http://seclists.org/bugtraq/2016/Jul/119

mailing-listx_refsource_BUGTRAQ

https://download.novell.com/Download?buildid=3V-3ArYN85I~

x_refsource_CONFIRM

https://www.exploit-db.com/exploits/40161/

exploitx_refsource_EXPLOIT-DB

EPSS Score

10% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 1, 2016
Vulnerability Reserved
Jan 12, 2016

.