Vulnerability Details CVE-2017-6526
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi POST requests).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.837
EPSS Ranking 99.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://www.securityfocus.com/bid/96823
- https://www.exploit-db.com/exploits/41578/
- https://www.shorebreaksecurity.com/blog/product-security-advisory-psa0002-dnalims/
- http://www.securityfocus.com/bid/96823
- https://www.exploit-db.com/exploits/41578/
- https://www.shorebreaksecurity.com/blog/product-security-advisory-psa0002-dnalims/