Lucene search
K

19 matches found

Cisco
Cisco
added 2025/08/27 4:0 p.m.6 views

Cisco Nexus Dashboard Path Traversal Vulnerability

A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid...

6.5CVSS7.3AI score0.0055EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:35 a.m.10 views

CVE-2024-22514

An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file...

8.8CVSS6.9AI score0.01401EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:39 p.m.5 views

CVE-2022-40486

TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 574505553 was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file...

8.8CVSS8.8AI score0.01493EPSS
Exploits1References1
OSV
OSV
added 2025/05/22 5:15 p.m.5 views

CVE-2025-43596

An insecure file system permissions vulnerability in MSP360 Backup 8.0 allows a low privileged user to execute commands with SYSTEM level privileges using a specially crafted file with an arbitrary file backup target. Upgrade to MSP360 Backup 8.1.1.19 released on 2025-05-15...

9.8CVSS6.1AI score0.00353EPSS
Exploits0References4
NVD
NVD
added 2024/10/28 9:15 p.m.23 views

CVE-2024-44258

This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, tvOS 18.1, visionOS 2.1. Restoring a maliciously crafted backup file may lead to modification of protected system files...

7.1CVSS0.0075EPSS
Exploits2References8
NVD
NVD
added 2024/10/23 6:15 p.m.14 views

CVE-2024-20485

A vulnerability in the VPN web server of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this...

6.7CVSS0.00198EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/23 5:52 p.m.21 views

CVE-2024-20485

A vulnerability in the VPN web server of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this...

6CVSS0.00198EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/23 12:0 a.m.5 views

PT-2024-7503 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the VPN web server of the software could allow an...

6.7CVSS7.5AI score0.00198EPSS
Exploits0References6
NVD
NVD
added 2024/07/04 1:15 a.m.35 views

CVE-2024-38471

Multiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by restoring a crafted backup file. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi...

6.8CVSS0.00362EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/07/04 12:49 a.m.15 views

CVE-2024-38471

Multiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by restoring a crafted backup file. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi...

7.7AI score0.00362EPSS
Exploits0References7
OSV
OSV
added 2024/04/24 8:15 p.m.2 views

CVE-2024-20358

A vulnerability in the Cisco Adaptive Security Appliance ASA restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level...

6.7CVSS6AI score0.00705EPSS
Exploits0References1
Prion
Prion
added 2024/02/06 9:15 p.m.19 views

Authorization

An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file...

6.5CVSS7.1AI score0.01401EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/08/09 7:15 p.m.3 views

CVE-2023-39001

A command injection vulnerability in the component diagbackup.php of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary commands via a crafted backup configuration file...

9.8CVSS7.7AI score0.02977EPSS
Exploits1References3
NVD
NVD
added 2022/09/28 1:15 p.m.16 views

CVE-2022-40486

TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 574505553 was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file...

8.8CVSS0.01493EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/09/28 12:59 p.m.21 views

CVE-2022-40486

TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 574505553 was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file...

9AI score0.01493EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/09/28 12:59 p.m.7 views

CVE-2022-40486

TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 574505553 was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file...

8.8AI score0.01493EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/11/16 12:0 a.m.10 views

Moodle 输入验证错误漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. a security vulnerability exists in Moodle, which stems from a problem when the software restores backup files. an attacker could...

9.8CVSS6.5AI score0.02383EPSS
Exploits0References5
Prion
Prion
added 2012/10/18 5:55 p.m.15 views

Memory corruption

Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted backup file...

6.8CVSS8.2AI score0.03264EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2012/10/18 5:0 p.m.19 views

CVE-2012-0306

Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted backup file...

7.7AI score0.03264EPSS
Exploits0References3
Rows per page
Query Builder