Arbitrary Command Execution Vulnerability in Dell ML6000 and Quantum Scalar i500 Tape Backup Systems

Arbitrary Command Execution Vulnerability in Dell ML6000 and Quantum Scalar i500 Tape Backup Systems

CVE-2014-2959 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:P/A:P

logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote attackers to execute arbitrary commands via shell metacharacters in a pathname parameter.

Learn more about our Web Application Penetration Testing UK.