Command Injection Vulnerability in Mutiny Monitoring Appliance Allows Arbitrary Command Execution

CVE-2018-15529 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

A command injection vulnerability in maintenance.cgi in Mutiny "Monitoring Appliance" before 6.1.0-5263 allows authenticated users, with access to the admin interface, to inject arbitrary commands within the filename of a system upgrade upload.

Learn more about our User Device Pen Test.