8789 matches found

Amazon
added 2024/05/30 12:0 a.m. · 4 views

Important: less

Issue Overview: less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation als...

8.6 CVSS · 7.2 AI score · 0.00628 EPSS
Exploits 0
OSV
added 2024/05/28 5:15 p.m. · 2 views

CVE-2024-35401

TOTOLINK CP900L v4.1.5cu.798B20221228 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function...

5.9 CVSS · 5.8 AI score · 0.00688 EPSS
Exploits 0 · References 2
Amazon
added 2024/05/28 12:0 a.m. · 4 views

Important: less

Issue Overview: less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation als...

8.6 CVSS · 7 AI score · 0.00628 EPSS
Exploits 0
CNNVD
added 2024/05/28 12:0 a.m. · 3 views

TOTOLINK CP900L Security Vulnerability

The TOTOLINK CP900L is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK CP900L suffers from a command injection vulnerability that stems from the FileName parameter of the UploadFirmwareFile function failing to correctly filter constructed command special characters, command...

5.9 CVSS · 7.6 AI score · 0.00688 EPSS
Exploits 0 · References 4
Positive Technologies
added 2024/05/28 12:0 a.m. · 3 views

PT-2024-26481 · Totolink · Totolink Cp900L

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900L version 4.1.5cu.798 B20221228 Description: A command injection issue was found via the FileName parameter in the UploadFirmwareFile function. This allows for potential exploitation. Recommendations: For TOTOLINK CP900L version...

5.9 CVSS · 7.5 AI score · 0.00688 EPSS
Exploits 0 · References 5
Vulnrichment
added 2024/05/27 10:58 a.m. · 13 views

CVE-2024-36383

An issue was discovered in Logpoint SAML Authentication before 6.0.3. An attacker can place a crafted filename in the state field of a SAML SSO-URL response, and the file corresponding to this filename will ultimately be deleted. This can lead to a SAML Authentication login outage...

6.8 AI score · 0.00422 EPSS
Exploits 0 · References 1
CVE
added 2024/05/27 10:58 a.m. · 93 views

CVE-2024-36383

Vulnerability summary: Logpoint SAML Authentication before 6.0.3 is affected by an issue where an attacker can place a crafted filename in the state field of a SAML SSO URL response, leading to deletion of the corresponding file and a SAML login outage. This affects Logpoint SAML Authentication p...

5.3 CVSS · 6.7 AI score · 0.00422 EPSS
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2024/05/27 12:0 a.m. · 4 views

PT-2024-3950 · Logpoint · Logpoint Saml Authentication

Name of the Vulnerable Software and Affected Versions: Logpoint SAML Authentication versions prior to 6.0.3 Description: An issue in Logpoint SAML Authentication allows an attacker to place a crafted filename in the state field of a SAML SSO-URL response. This can lead to the deletion of the file...

9.4 CVSS · 7.6 AI score · 0.00422 EPSS
Exploits 0 · References 5
Cvelist
added 2024/05/24 9:47 p.m. · 25 views

CVE-2024-36079

An issue was discovered in Vaultize 21.07.27. When uploading files, there is no check that the filename parameter is correct. As a result, a temporary file will be created outside the specified directory when the file is downloaded. To exploit this, an authenticated user would upload a file with ...

6.4 AI score · 0.00589 EPSS
Exploits 0 · References 1
CVE
added 2024/05/24 9:47 p.m. · 71 views

CVE-2024-36079

CVE-2024-36079 concerns Vaultize 21.07.27. The vulnerability arises because the upload flow does not validate the provided filename parameter, allowing a temporary file to be created outside the specified directory when the file is downloaded. An authenticated user could exploit this by uploading...

6.5 CVSS · 7 AI score · 0.00589 EPSS
Exploits 0 · References 1
Vulnrichment
added 2024/05/24 9:47 p.m. · 11 views

CVE-2024-36079

An issue was discovered in Vaultize 21.07.27. When uploading files, there is no check that the filename parameter is correct. As a result, a temporary file will be created outside the specified directory when the file is downloaded. To exploit this, an authenticated user would upload a file with ...

6.8 AI score · 0.00589 EPSS
Exploits 0 · References 1
CNNVD
added 2024/05/24 12:0 a.m. · 3 views

Vaultize Security Vulnerability

Vaultize is an enterprise platform from Vaultize, Inc. A security vulnerability exists in Vaultize version 21.07.27, which stems from a lack of filename filtering, resulting in an arbitrary file upload vulnerability...

6.5 CVSS · 7 AI score · 0.00589 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/05/24 12:0 a.m. · 3 views

PT-2024-26887 · Vaultize · Vaultize

Name of the Vulnerable Software and Affected Versions: Vaultize version 21.07.27 Description: An issue was discovered in the software where there is no check that the filename parameter is correct when uploading files. As a result, a temporary file will be created outside the specified directory...

6.5 CVSS · 6.8 AI score · 0.00589 EPSS
Exploits 0 · References 5
RedHat Linux
added 2024/05/23 10:45 p.m. · 2 views

jetty: Improper addition of quotation marks to user inputs in CgiServlet

A flaw was found in Jetty's CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested...

3.5 CVSS · 7.3 AI score · 0.01006 EPSS
Exploits 1 · References 4
CVE
added 2024/05/23 5:2 p.m. · 88 views

CVE-2024-35081

LuckyFrameWeb v3.5.2 is affected by CVE-2024-35081: an arbitrary file deletion vulnerability exposed through the fileName parameter in the fileDownload method. The issue allows deletion of files and is described as a security vulnerability with high integrity impact (I: high) while confidentialit...

7.5 CVSS · 7.4 AI score · 0.00461 EPSS
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2024/05/23 12:0 a.m. · 2 views

LuckyFrameWeb Security Vulnerability

LuckyFrameWeb is an open source testing platform released by LuckyFrameWeb. A security vulnerability exists in LuckyFrameWeb version v3.5.2, which stems from arbitrary file deletion via the fileName parameter in the fileDownload method...

7.5 CVSS · 6.9 AI score · 0.00461 EPSS
Exploits 0 · References 4
Positive Technologies
added 2024/05/23 12:0 a.m. · 3 views

PT-2024-26310 · Unknown · Luckyframeweb

Name of the Vulnerable Software and Affected Versions: LuckyFrameWeb version 3.5.2 Description: The issue allows for arbitrary file deletion via the fileName parameter in the fileDownload method. Recommendations: For version 3.5.2, avoid using the fileName parameter in the fileDownload method unt...

7.5 CVSS · 7.4 AI score · 0.00461 EPSS
Exploits 0 · References 4
CNVD
added 2024/05/22 12:0 a.m. · 3 views

TOTOLINK CPE CP450 setUpgradeFW Method Command Injection Vulnerability

TOTOLINK CPE CP450 is an outdoor wireless client terminal device manufactured by China Gion Electronics TOTOLINK. The TOTOLINK CPE CP450 suffers from a command injection vulnerability that stems from the FileName parameter of the setUpgradeFW method failing to properly filter constructor command...

9.8 CVSS · 7.9 AI score · 0.019 EPSS
Exploits 1 · References 1
OSV
added 2024/05/21 6:17 a.m. · 3 views

CLSA-2024-1716272273 less: Fix of CVE-2022-48624

CVE-2022-48624: filename.c: shell-quote filenames when invoking LESSCLOSE...

7.8 CVSS · 7.2 AI score · 0.01059 EPSS
Exploits 0 · References 1
OSV
added 2024/05/17 11:56 a.m. · 6 views

CLSA-2024-1715946971 less: Fix of CVE-2024-32487

CVE-2024-32487: filename.c: quoting mishandling...

8.6 CVSS · 6.9 AI score · 0.00628 EPSS
Exploits 0 · References 1