Smart.Publisher.Disp.PHP.Filedata.Parameter.Code.Injection

description-logoDescription

This indicates an attempt to exploit a code injection vulnerability in Smart Publisher.
The vulnerability is caused by an input validation error in "admin/op/disp.php" when handling input passed to "filedata". It allows remote attackers to execute arbitrary php code via a specially crafted http request.

affected-products-logoAffected Products

Netwerk Smart Publisher 1.0.1

Impact logoImpact

System Compromise: remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-01-11 16.995