Vendor
Snare Central
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-11364 | Hig | 0.47 | 7.2 | 0.02 | Aug 29, 2019 | An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter. | ||
| CVE-2019-11363 | Hig | 0.47 | 7.2 | 0.01 | Aug 29, 2019 | A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter. |
- risk 0.47cvss 7.2epss 0.02
An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.
- risk 0.47cvss 7.2epss 0.01
A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter.