Description
Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string.
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://www.portcullis-security.com/339.php
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38538
Scores
EPSS
0.0172
EPSS Percentile
74.6%
Details
CWE
CWE-94
Status
published
Products (1)
accellion/secure_file_transfer_appliance
Published
Feb 19, 2010
Tracked Since
Feb 18, 2026