Blog | G5 Cyber Security

Vulnerability Spotlight: Two vulnerabilities in Epignosis eFront

Epignosis eFront is an LMS platform that allows users to control their virtual training environments and data. One vulnerability could allow an attacker to remotely execute code on the victim system, and another that opens the victim machine to SQL injections. eFront confirmed that they released eFront version 5.2.13 to address these issues. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required. The software boasts the ability to allow large companies to train their employees quickly.”]

Source: https://blog.talosintelligence.com/2019/09/vuln-spotlight-epignosis-rce-sql-efront-sept-19.html

Exit mobile version