The Mutiny Technology virtual appliance contains a command injection vulnerability which could allow an attacker to inject commands into the appliance.
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
The Mutiny Technology virtual appliance contains a network interface menu which is vulnerable to command injection with root privileges.
An authenticated attacker can run arbitrary commands on the appliance.
Thanks to Christopher Campbell for reporting this vulnerability.
This document was written by Michael Orlando.
|Date First Published:||2012-10-22|
|Date Last Updated:||2012-10-22 12:05 UTC|