CVE-2007-1836 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-1836

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

The command line administration interface in Data Domain OS before 4.0.3.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in certain arguments to various commands, as demonstrated by the interface argument to the (1) ifconfig and (2) ping commands.

Affected Software

Name	Vendor	Start Version	End Version
Data_domain_os	Data_domain	*	4.0.3.5 (including)

References

http://osvdb.org/34537
http://secunia.com/advisories/24666
http://securityreason.com/securityalert/2516
http://www.securityfocus.com/archive/1/464085/100/0/threaded
http://www.securityfocus.com/bid/23182
https://exchange.xforce.ibmcloud.com/vulnerabilities/33291
http://osvdb.org/34537
http://secunia.com/advisories/24666
http://securityreason.com/securityalert/2516
http://www.securityfocus.com/archive/1/464085/100/0/threaded
http://www.securityfocus.com/bid/23182
https://exchange.xforce.ibmcloud.com/vulnerabilities/33291