Cobbler Remote Code Execution Vulnerability
Discription

Cobbler is a network installation server suite that is primarily used to quickly build Linux network installation environments. remote code execution vulnerability exists in versions of Cobbler prior to 3.3.0, which stems from the failure of a network system or product to properly filter special elements in the external input data during the construction of code segments, which can be exploited by an attacker via a specially crafted XMLRPC method to record log files for template injection, resulting in log poisoning and remote code execution.Read More

Back to Main

Subscribe for the latest news: