Akips: >> Network Monitor >> 16.2 Security Vulnerabilities
The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a failed login attempt returns the command-injection output to a limited login failure field). This is fixed in 16.6.
CVSS Score
9.8
EPSS Score
0.158
Published
2020-01-06