Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATH_INFO to tftp/.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2016-05-20T14:00:00
Updated: 2018-01-04T19:57:01
Reserved: 2016-03-30T00:00:00
Link: CVE-2016-3728
JSON object: View
NVD Information
Status : Modified
Published: 2016-05-20T14:59:04.387
Modified: 2023-02-12T23:20:09.057
Link: CVE-2016-3728
JSON object: View
Redhat Information
No data.
CWE