CVE-2018-12483 -- ocsinventory-serverID: oval:org.secpod.oval:def:1902019 | Date: (C)2019-06-07 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscover_analyser rzo GET parameter is concatenated to a string used in an exec call in the PHP code. Authentication is needed in order to exploit this vulnerability.
Platform: |
Ubuntu 16.04 |
Ubuntu 18.10 |
Ubuntu 18.04 |
Product: |
ocsinventory-server |