Lucene search

738 matches found

Cvelist
added 2017/04/11 3:0 p.m., 22 views

CVE-2017-7462

Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory...

9.4 AI score, 0.12749 EPSS
Exploits 4, References 1
0day.today
added 2017/04/11 12:0 a.m., 105 views

Anybus Modbus Gateway - Authenticated Directory Traversal Vulnerability

The cgi-bin/read.cgi CGI script in the cgi-bin folder on the device's webserver is vulnerable to directory traversal by directly including any file. It typically includes files from the /home/httpd/jjs directory but you can access files outside of the main webserver directory. There's 67 of these...

7 AI score
Exploits 0
0day.today
added 2017/04/11 12:0 a.m., 27 views

IDS VSE IP Camera - Authenticated Remote Code Execution Vulnerability

The ctrl.cgi script on the device's webserver that runs as root is vulnerable to remote command execution by an authenticated user, with the default password being "admin:admin". The sntpip GET parameter is fed to the command line by the CGI script without sanitization for semicolons, allowing an...

7.5 AI score
Exploits 0
NVD
added 2017/04/10 3:59 a.m., 15 views

CVE-2016-6534

Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Versions before 8.5.12G might be affected in non-default configurations...

7.5 CVSS, 7.9 AI score, 0.01257 EPSS
Exploits 0, References 1
Prion
added 2017/04/10 3:59 a.m., 11 views

Command injection

Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Versions before 8.5.12G might be affected in non-default configurations...

6 CVSS, 7.7 AI score, 0.01257 EPSS
Exploits 0, References 1, Affected Software 1
CVE
added 2017/04/10 3:0 a.m., 51 views

CVE-2016-6534

CVE-2016-6534 affects Opmantek NMIS prior to 4.3.7c (and potential exposure in non-default configurations for versions earlier than 8.5.12G). The vulnerability is a command injection via the tools.pl CGI script, exploitable through the following utilities: man, finger, ping, trace, and nslookup. ...

7.5 CVSS, 7.8 AI score, 0.01257 EPSS
Exploits 0, References 1, Affected Software 1
Cvelist
added 2017/04/10 3:0 a.m., 23 views

CVE-2016-6534

Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Versions before 8.5.12G might be affected in non-default configurations...

7.9 AI score, 0.01257 EPSS
Exploits 0, References 1
Exploit DB
added 2017/04/07 12:0 a.m., 75 views

Intellinet NFC-30IR Camera - Multiple Vulnerabilities

Bitcrack Cyber Security - BitLabs Advisory http://www.bitcrack.net Multiple Vulnerabilities in Intellinet NFC-30IR Network Cameras ADVISORY -------- Title: Local File Inclusion in CGI-SCRIPT & Hard-Coded Manufacturer Backdoor Advisory ID: BITL-17-001 Date published: 2017-04-05 Date of last update...

9.8 CVSS, 7.3 AI score, 0.12749 EPSS
Exploits 5
Veracode
added 2017/04/04 4:22 a.m., 36 views

Httpoxy Vulnerability Through CGI Servlet

web-core is vulnerable to a remotely exploitable vulnerability aka "httpoxy". The vulnerability exists when CGI Servlet is activated in the configuration by modifying the web.xml. It then allows the execution of a CGI script which may assign client request Proxy header values to internal HTTPPROX...

8.1 CVSS, 6.8 AI score, 0.50896 EPSS
Exploits 0, References 6, Affected Software 1
myhack58
added 2017/02/21 12:0 a.m., 47 views

TEW-654TR router vulnerability analysis and mining-vulnerability warning-the black bar safety net

Read the complete devttys0 predecessors of "exploiting embedded systems" series. Analysis under the relevant firmware router model: TEW-654TR firmware download address: http://download.trendnet.com/TEW-654TR/firmware/ 0×01 environment settings ! !/ bin/bash INPUT="$1" LEN=$echo-n "$INPUT" | wc-c...

7.6 AI score
Exploits 0
Hacker One
added 2017/01/12 10:20 p.m., 39 views

Ubiquiti Inc.: [EdgeSwitch] Web GUI command injection as root with Privilege-1 and Privilege-15 users

The researcher found a privilege escalation in the EdgeSwitch prior to version 1.7.1: a CGI script doesn't fully sanitize the user input, resulting in local command execution and allowing an operator user (Privilege-1) to escalate privileges and become administrator (Privilege-15). OS command injection i...

7.2 CVSS, 1.5 AI score, 0.00517 EPSS
Exploits 0
0day.today
added 2016/11/02 12:0 a.m., 19 views

SunellSecurity NVR / Camera - Denial Of Service

Exploit for hardware platform in category dos / poc Exploit Title: SunellSecurity NVR / Cams - Buffer overflow in CGI Date: 11.2.2016 Exploit Author: qwsj Vendor Homepage: https://github.com/qwsj Version: 1.6.08-09 / 2.0.06-08 Tested on: Windows / Linux Bug in CGI scrypt's for develop. Web servic...

7 AI score
Exploits 0
ArchLinux
added 2016/11/02 12:0 a.m., 528 views

[ASA-201611-6] tomcat6: proxy injection

Arch Linux Security Advisory ASA-201611-6 ========================================= Severity: Medium Date : 2016-11-02 CVE-ID : CVE-2016-5388 Package : tomcat6 Type : proxy injection Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package tomcat6 before version...

8.1 CVSS, 0.2 AI score, 0.50896 EPSS
Exploits 0, References 3
Tenable Nessus
added 2016/10/28 12:0 a.m., 39 views

F5 Networks BIG-IP : pcregrep in PCRE vulnerability (K05428062)

pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client. CVE-2015-8393 C Tenable Network Security, Inc. The descriptive text an...

7.5 CVSS, 8.1 AI score, 0.04371 EPSS
Exploits 0, References 2
Amazon
added 2016/10/27 12:0 a.m., 33 views

Important: python-twisted-web

Issue Overview: It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP...

5.3 CVSS, 5.6 AI score, 0.02406 EPSS
Exploits 0
seebug.org
added 2016/10/25 12:0 a.m., 54 views

AVTECH monitoring products information disclosure vulnerability

Because the run permissions of the CGI script files in the /cgi-bin/nobody directory are set unreasonably, they can be run directly without authentication. This type of vulnerability has appeared in a number of devices; FEI news K1 is because the cgi file to perform the access restrictions unreasonable...

7 AI score
Exploits 0
Exploit DB
added 2016/10/21 12:0 a.m., 919 views

TrendMicro InterScan Web Security Virtual Appliance - 'Shellshock' Remote Command Injection

#!/usr/bin/env python TrendMicro InterScan Web Security Virtual Appliance ================================================== InterScan Web Security is a software virtual appliance that dynamically protects against the ever-growing flood of web threats at the Internet gateway exclusively designed to...

10 CVSS, 10 AI score, 0.99999 EPSS
Exploits 130
Tenable Nessus
added 2016/10/12 12:0 a.m., 85 views

CentOS 7 : tomcat (CESA-2016:2046) (httpoxy)

An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.1 CVSS, 6.9 AI score, 0.50896 EPSS
Exploits 8, References 6
Tenable Nessus
added 2016/09/30 12:0 a.m., 47 views

CentOS 6 / 7 : python-twisted-web (CESA-2016:1978)

An update for python-twisted-web is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

5.3 CVSS, 5.7 AI score, 0.02406 EPSS
Exploits 0, References 3
RedHat Linux
added 2016/09/29 6:54 p.m., 2 views

Twisted: sets environmental variable based on user supplied Proxy request header

It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote...

5.3 CVSS, 5.9 AI score, 0.02406 EPSS
Exploits 0, References 4