HomePentest-Tools.com Logo

Bomgar Remote Support < 15.1.1 Arbitrary Code Execution Vulnerability CVE-2015-0935

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Bomgar Remote Support is prone to an arbitrary code execution vulnerability.

Risk description

The flaw exists in the portal application that is triggered when deserializing untrusted input using the unserialize() function. Successful exploitation will allow a remote attacker to inject PHP objects and execute arbitrary code.

Recommendation

Update to version 15.1.1 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
May 25, 2015
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available