CVE-2016-3728 - Arbitrary code execution via TFTP file variant parameter
|Triaged:||Fixed in Releases:|
|Bugzilla link:||Found in Releases:|
An arbitrary code execution vulnerability has been reported in the TFTP module, where the variant part of the URL (/tftp/<variant>/<MAC>) is passed into eval().
Mitigation: ensure trusted_hosts is set to only authorise Foreman hosts to use the API, and preferably only use HTTPS for better authentication.
Affects Smart Proxy 0.2 or higher.
Thanks to Lukas Zapletal for reporting to firstname.lastname@example.org, a CVE will be assigned shortly.