CVE-2019-17096
9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the get_image_url() function in special circumstances to inject a system command.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Bitdefender | Bitdefender BOX 2 | 2.1.47.42 < 2.1.59-12 | affected |
| Bitdefender | Bitdefender BOX 2 | 2.1.53.45 < 2.1.59-12 | affected |
Weaknesses
- CWE-78: CWE-78 OS Command Injection
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.