Details of VAR-201608-0496

ID

VAR-201608-0496

TITLE

Barracuda Web App Firewall/Load Balancer Remote Command Execution Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2016-06010

DESCRIPTION

Barracuda is the general name for a hard drive product line from Seagate Technology. BarracudaWebAppFirewallFirmware, LoadBalancerFirmware has a remote command execution vulnerability. An attack can exploit this vulnerability and inject it into a system command by sending a specially crafted request.

Trust: 0.6

sources: CNVD: CNVD-2016-06010

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-06010

AFFECTED PRODUCTS

vendor:

seagate

model:

technology barracuda web app firewall

scope:

lte

version:

<=8.0.1.008

Trust: 0.6

sources: CNVD: CNVD-2016-06010

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2016-06010
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2016-06010
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2016-06010

EXTERNAL IDS

db:	EXPLOITDB	id:	40176	Trust: 0.6
db:	EXPLOIT-DB	id:	40176	Trust: 0.6
db:	CNVD	id:	CNVD-2016-06010	Trust: 0.6

sources: CNVD: CNVD-2016-06010

REFERENCES

url:

https://www.exploit-db.com/exploits/40176/

Trust: 0.6

sources: CNVD: CNVD-2016-06010

SOURCES

db:

CNVD

id:

CNVD-2016-06010

LAST UPDATE DATE

2022-05-17T01:46:27.084000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2016-06010

date:

2016-08-04T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2016-06010

date:

2016-08-04T00:00:00