CVE-2014-2959
Dell PowerVault ML6000 Firmware < i8.2.0.2 - Remote Code Execution via logViewer.htm Pathname Parameter
Title source: llmDescription
logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote attackers to execute arbitrary commands via shell metacharacters in a pathname parameter.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/67751
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/124908
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/59019
Scores
EPSS
0.0147
EPSS Percentile
81.2%
Details
CWE
CWE-78
Status
published
Products (7)
dell/powervault_ml6000
32u
dell/powervault_ml6000
41u
dell/powervault_ml6000_firmware
< i8.2.0.1_\(641g.gs003\)
quantum/scalar_i500
5u
quantum/scalar_i500
14u
quantum/scalar_i500
23u
quantum/scalar_i500_firmware
< i8.2.2.1_\(646g.gs002\)
Published
Jun 02, 2014
Tracked Since
Feb 18, 2026