Snare Central
Monthly
An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.