Vulnerabilities > Accellion > Secure File Transfer Appliance > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-02-19 | CVE-2009-4644 | OS Command Injection vulnerability in Accellion Secure File Transfer Appliance Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program. | 9.0 |
| 2010-02-19 | CVE-2009-4646 | Code Injection vulnerability in Accellion Secure File Transfer Appliance Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string. | 9.0 |