Arbitrary OS Command Execution via Crafted Serialized Data in Commvault Edge Server 10 R2 Web Console Cookie

Arbitrary OS Command Execution via Crafted Serialized Data in Commvault Edge Server 10 R2 Web Console Cookie

CVE-2015-7253 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The Web Console in Commvault Edge Server 10 R2 allows remote attackers to execute arbitrary OS commands via crafted serialized data in a cookie.

Learn more about our Web App Pen Testing.