Dolibarr.ERP.and.CRM.edit.php.Code.Injection
Description
This indicates an attack attempt to exploit a Command Injection Vulnerability in Dolibarr ERP and CRM Suite.
The vulnerability is due to insufficient sanitization of parameters. A remote attacker could exploit this vulnerability by sending a maliciously crafted request to the server. A successful attack may result in remote code execution on the target server.
Affected Products
Dolibarr ERP and CRM Suite prior to 16.0.0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/Dolibarr/dolibarr/releases
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |