CVE-2015-7839

SolarWinds Log and Event Manager - Remote Command Execution via Traceroute Functionality

Title source: llm
STIX 2.1

Description

SolarWinds Log and Event Manager (LEM) allows remote attackers to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the traceroute functionality.

References (1)

Core 1
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-461

Scores

EPSS 0.0861
EPSS Percentile 92.5%

Details

CWE
CWE-77
Status published
Products (1)
solarwinds/log_and_event_manager
Published Oct 15, 2015
Tracked Since Feb 18, 2026