SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  WWBN AVideo downloadURL Command Injection

Category: WEB-ATTACKS      

An os command injection vulnerability exists in the aVideoEncoder wget functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.

References
http://en.wikipedia.org/wiki/Obfuscation_%28software%29


Relevant Information