Pexip Infinity CVE-2017-6551 Remote Code Execution Vulnerability

Pexip Infinity is prone to a remote code-execution vulnerability.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions.

Pexip Infinity versions prior to 14.2 are vulnerable.

Information

Bugtraq ID: 97954
Class: Input Validation Error
CVE: CVE-2017-6551

Remote: Yes
Local: No
Published: Apr 20 2017 12:00AM
Updated: Apr 21 2017 03:07PM
Credit: The vendor reported the issue.
Vulnerable: Pexip Pexip Infinity 14.0

Not Vulnerable: Pexip Pexip Infinity 14.2

References:

• Pexip Home Page (Pexip)
  
• Security Bulletin: CVE-2017-6551 (Pexip)
  

Source: www.securityfocus.com