Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-17	CVE-2018-20727	OS Command Injection vulnerability in Nedi Multiple command injection vulnerabilities in NeDi before 1.7Cp3 allow authenticated users to execute code on the server side via the flt parameter to Nodes-Traffic.php, the dv parameter to Devices-Graph.php, or the tit parameter to drawmap.php. network low complexity nedi CWE-78	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.