First published: Thu Sep 17 2020(Updated: )
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
TitanHQ SpamTitan | =7.07 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-11698 is critical with a CVSS score of 9.8.
CVE-2020-11698 affects Titan SpamTitan 7.07 by allowing a remote attacker to inject commands into the file snmpd.conf and execute commands on the target server.
To fix CVE-2020-11698, it is recommended to apply the latest security patches or updates provided by TitanHQ for SpamTitan 7.07.
Yes, there are known exploits for CVE-2020-11698. It is important to take immediate action to mitigate the vulnerability.
You can find more information about CVE-2020-11698 on the following references: [1] http://packetstormsecurity.com/files/159470/SpamTitan-7.07-Remote-Code-Execution.html [2] http://packetstormsecurity.com/files/160809/SpamTitan-7.07-Command-Injection.html [3] https://github.com/felmoltor