Cobbler 2.8.2 Command Injection Vulnerability: Arbitrary Code Execution as Root User

Cobbler 2.8.2 Command Injection Vulnerability: Arbitrary Code Execution as Root User

CVE-2017-1000469 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.

Learn more about our User Device Pen Test.