TeamSpeak 3.5.6 - Insecure File Permissions Vulnerability

Exploit Title: TeamSpeak 3.5.6 - Insecure File Permissions Exploit Author: Aryan Chehreghani Contact: email protected Vendor Homepage: https://www.teamspeak.com Software Link: https://www.teamspeak.com/en/downloads Version: 3.5.6 Tested on: Windows 10 x64 About - TeamSpeak : TeamSpeak TS is a...

CVE-2021-40396

A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1.1.7. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2021-40397

A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2021-40396

A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1.1.7. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

Advantech 安全漏洞

Advantech is an application of Advantech, a Chinese company that provides an intelligent electric bus management system.A security vulnerability exists in Advantech SQ Manager Server, which can replace specially crafted files in the system to escalate privileges to NT system privileges. An attack...

Advantech 安全漏洞

Advantech is an application of Advantech, a Chinese company that provides an intelligent electric bus management system. Advantech DeviceOn/iService 1.1.7 contains a security vulnerability that can be exploited by attackers to replace specially crafted files in the system to elevate privileges to...

Sql injection

Useful Simple Open-Source CMS USOC is a content management system CMS for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file admin/pages/useredit.php with a newer version. USOC version...

CVE-2021-21912

A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...

CVE-2021-43578

Jenkins Squash TM Publisher Squash4Jenkins Plugin 1.0.0 and earlier implements an agent-to-controller message that does not implement any validation of its input, allowing attackers able to control agent processes to replace arbitrary files on the Jenkins controller file system with an...

CVE-2021-43578

CVE-2021-43578 affects the Jenkins Squash TM Publisher (Squash4Jenkins) Plugin, version 1.0.0 and earlier. The root cause is an agent-to-controller message that performs no input validation, enabling an attacker who can control agent processes to replace arbitrary files on the Jenkins controller ...

CVE-2021-42775

The CVE-2021-42775 entry concerns Broadcom Emulex HBA Manager/One Command Manager. Affected versions are before 11.4.425.0 and 12.8.542.31. If not installed in Strictly Local Management mode, the remote firmware download feature is vulnerable, allowing an unauthenticated user in non-secure mode t...

CVE-2021-38485

The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk...

CVE-2021-38485

The CVE-2021-38485 entry corresponds to Emerson WirelessHART Gateway. The issue is improper input validation in the restore file, allowing a malicious configuration file to replace arbitrary files on disk. Connected sources specify affected products and versions (e.g., WirelessHART 1410/1410D/142...

Gestionale Amica Prodigy 授权问题漏洞

Gestionaleamica Gestionale Amica Prodigy is an application from Gestionaleamica. a cloud backup service that ensures accounting security. Gestionale Amica Prodigy suffers from an authorization issue vulnerability that stems from the product not adding the correct permissions to...

Improper access control

Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows attackers to arbitrary code execution by replacing FOTA update file...

CVE-2021-25437

The CVE-2021-25437 issue affects Samsung Tizen’s FOTA service (prior to the firmware update JUL-2021 release). The root cause is an improper access control allowing an attacker to replace the FOTA update file, enabling arbitrary code execution. The vulnerability is described as exploitable over n...

MDT AutoSave 路径遍历漏洞

MDT AutoSave is a software application. It provides an automated change management function. A path traversal vulnerability exists in MDT Autosave. An attacker could exploit this vulnerability to allow a specified path to be changed to another path, causing an existing file to be replaced with a...

Design/Logic Flaw

Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...

CVE-2021-33542

Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data. The...

DEBIAN-CVE-2021-29948

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird 78.10...