5 matches found
EUVD-2018-19454
Malware in sbrugna...
CVE-2018-7739
antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the...
Input validation
antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the...
Antsle antman authentication bypass vulnerability
Antsle antman is a private cloud server product from Antsle USA. A security vulnerability exists in Antsle antman prior to version 0.9.1a, which stems from the login process using Java's ProcessBuilder class and a bash script that fails to adequately filter input when calling antsle-auth. A remot...
CVE-2018-7739
antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the...