CVE-2007-3011
Fujitsu-Siemens Computers ServerView <4.50.09 - Command Injection
Title source: llmDescription
The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by RedTeam Pentesting GmbH · textremotemultiple
https://www.exploit-db.com/exploits/30264
References (8)
Core 8
Core References
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24762
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25944
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35257
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/472800/100/0/threaded
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2441
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37835
Exploit, Patch, Vendor Advisory x_refsource_misc
http://www.redteam-pentesting.de/advisories/rt-sa-2007-002.php
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/2858
Scores
EPSS
0.2582
EPSS Percentile
96.3%
Details
Status
published
Products (33)
fujitsu/serverview
2.50
fujitsu/serverview
3.60l98
fujitsu/serverview
3.60l99
fujitsu/serverview
4.10l11
fujitsu/serverview
4.11l11b
fujitsu/serverview
4.11l81
fujitsu/serverview
4.30.1
fujitsu/serverview
4.30.2
fujitsu/serverview
4.30.3
fujitsu/serverview
4.30.4
... and 23 more
Published
Jul 05, 2007
Tracked Since
Feb 18, 2026