{"id":"CVE-2016-3728","details":"Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATH_INFO to tftp/.","modified":"2026-04-10T03:49:37.208938Z","published":"2016-05-20T14:59:04.387Z","references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2016/05/19/2"},{"type":"WEB","url":"http://projects.theforeman.org/issues/14931"},{"type":"ADVISORY","url":"http://theforeman.org/security.html#2016-3728"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHBA-2016:1501"},{"type":"FIX","url":"https://github.com/theforeman/smart-proxy/commit/eef532aa668d656b9d61d9c6edf7c2505f3f43c7"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/theforeman/smart-proxy","events":[{"introduced":"0"},{"last_affected":"27b23f5ab93b02faf66bb93579b79d52bcc4847f"},{"introduced":"0"},{"last_affected":"515fc38cd5b70c54d334e200a39212e87b3e1d35"},{"introduced":"0"},{"last_affected":"0f8697bfca6d733f39cd0afed9a08d36861ea354"},{"introduced":"0"},{"last_affected":"0fc7173e8ed5ba201053f6938d661e887e1250b0"},{"introduced":"0"},{"last_affected":"e5e958765d3982cda306a8e2b433c91149314fef"},{"introduced":"0"},{"last_affected":"8c7d94981dd1d6634ba5379a9fd92ef7c16dc9c2"},{"fixed":"eef532aa668d656b9d61d9c6edf7c2505f3f43c7"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.11.0"},{"introduced":"0"},{"last_affected":"1.11.0-rc1"},{"introduced":"0"},{"last_affected":"1.11.0-rc2"},{"introduced":"0"},{"last_affected":"1.11.0-rc3"},{"introduced":"0"},{"last_affected":"1.11.1"},{"introduced":"0"},{"last_affected":"1.10.3"}]}}],"versions":["0.1","0.2","0.2rc2","0.3","1.0","1.0RC1","1.0RC2","1.1","1.10.0","1.10.0-RC1","1.10.0-RC2","1.10.0-RC3","1.10.1","1.10.2","1.10.3","1.11.0","1.11.0-RC1","1.11.0-RC2","1.11.0-RC3","1.11.1","1.1RC1","1.1RC2","1.1RC3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3728.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}