mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-13 18:22:07 +02:00
0xMarcio
818 B
818 B
CVE-2010-2892
Description
gsb/drivers.php in LANDesk Management Gateway 4.0 through 4.0-1.48 and 4.2 through 4.2-1.8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the DRIVES parameter, as demonstrated by a cross-site request forgery (CSRF) attack.
POC
Reference
- http://www.coresecurity.com/content/landesk-os-command-injection-vulnerability
- http://www.exploit-db.com/exploits/15488
Github
No PoCs found on GitHub currently.