CVE-2017-16664

Posted on 2017년 11월 21일2017년 11월 22일 by admin

CVE-2017-16664

Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attackeer can execute shell commands as the webserver user via URL manipulation.

Source: CVE-2017-16664

답글 남기기 응답 취소