Vulnerabilities > Nfsen > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-10 | CVE-2017-7175 | OS Command Injection vulnerability in Nfsen 1.2.3/1.3.7 NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field). | 9.9 |
| 2017-03-22 | CVE-2017-6972 | Improper Check for Dropped Privileges vulnerability in multiple products AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971. | 9.8 |