Pulse Secure VPN Arbitrary Command Execution
Posted by deepcore on April 7, 2021 – 8:32 pm
Pulse Secure Pulse Connect Secure versions 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure versions 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1 have an administrative web interface that allows an authenticated attacker to inject and execute commands.
Post a reply
You must be logged in to post a comment.