Barracuda CloudGen WAN OS Command Injection
Barracuda CloudGen WAN provides a private edge appliance for hybrid deployments. An authenticated user in the administration interface for the private edge virtual appliance can inject arbitrary OS commands via the /ajax/update_certificate endpoint. Versions prior to v8.* hotfix 1089
are affected.
https://packetstormsecurity.com/files/171235/SA-20230228-0.txt
Fri, 03 Mar 2023 15:58:42 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com (2:467/4.444)