Submit #505009: esafenet DSM v3.1.2 Command Injectioninfo

Titleesafenet DSM v3.1.2 Command Injection
DescriptionA command injection vulnerability To RCE exists in the examExportPDF method of the AdminPlanController class. This vulnerability allows an attacker to execute arbitrary commands on the server by manipulating the s parameter in the request.
Source⚠️ https://github.com/666lail/report/blob/main/tmp/2.md
User
 207556249 (UID 81808)
Submission02/21/2025 12:33 (1 Year ago)
Moderation03/02/2025 16:39 (9 days later)
StatusAccepted
VulDB entry298111 [ESAFENET DSM 3.1.2 examExportPDF s command injection]
Points16

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!