In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application. Command injection attacks are possible largely due to insufficient input validation.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HVersa Networks Versa Director
APPVersa-Networkswszystkie wersje
Related vulnerabilities
The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is...
The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using One-Time Pas...
A XSS vulnerability exists in Versa Director Release: 16.1R2 Build: S8. An attacker can use the administration...
In Versa Director, the un-authentication request found.
In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored with...