Vulnerabilities > CVE-2018-5694 - Unspecified vulnerability in Fop2 Flash Operator Panel 2.31.03

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

fop2

NVD

Published: 2018-01-14

Updated: 2019-10-03

Summary

The callforward module in User Control Panel (UCP) in Nicolas Gudino (aka Asternic) Flash Operator Panel (FOP) 2.31.03 allows remote authenticated users to execute arbitrary commands via the command parameter.

Vulnerable Configurations

Part	Description	Count
Application	Fop2 Fop2 Flash Operator Panel 2.31.03	1

Vulner Lab

id	VULNERLAB:1907
last seen	2019-07-10
modified	2018-01-08
published	2018-01-08
reporter	Vulnerability-Lab [[email protected]] - https://www.vulnerability-lab.com/show.php?user=Vulnerability-Lab
source	http://www.vulnerability-lab.com/get_content.php?id=1907
title	Flash Operator Panel v2.31.03 - Command Execution

References

https://www.vulnerability-lab.com/get_content.php?id=1907