CVE-2021-22908

A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default...

Ivanti Pulse Connect Secure Command Injection Vulnerability

Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles...

CVE-2021-22908

CVE-2021-22908 describes a buffer overflow in Pulse Connect Secure (PCS) related to Windows File Resource Profiles and SMB sharing. Reported as affecting PCS 9.X up to 9.1R2/3, with 9.1R3 enabling default-deny for SMB browsing; exploitation requires an authenticated user with privileges and could...

CVE-2021-22908

A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default...

PT-2021-15265 · Pulse · Pulse Connect Secure

Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure versions 9.X through 9.1R2 Windows File Resource Profiles versions 9.X through 9.1R2 Description: A buffer overflow issue exists, allowing a remote authenticated user with privileges to browse SMB shares to execute...