CVE-2022-31794

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hwview.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons,...

CVE-2025-68919

CVE-2025-68919 affects Fujitsu Fsas Technologies ETERNUS SF ACM/SC/Express (DX/AF Management Software). The issue arises because maintenance data collected by the system can be accessed by a non-admin principal, potentially exposing data and impacting confidentiality (C), with limited integrity/a...

Fujitsu多款产品和Fsas多款产品 日志信息泄露漏洞

Fsas Technologies ETERNUS SF and others are products of Fsas Technologies, Japan.Fsas Technologies ETERNUS SF is a storage system replication and backup management software.Fujitsu ETERNUS SF ACM and others are products of Fujitsu, Japan. Fujitsu ETERNUS SF ACM is a data replication, backup, and...

PT-2025-53380

Name of the Vulnerable Software and Affected Versions Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express DX / AF Management Software versions prior to 16.8-16.9.1 PA 2025-12 Description When maintenance data is collected, access by unauthorized principals or authorities—those other than ETERNU...

EUVD-2020-21509

Malware in sbrugna...

EUVD-2022-53186

Malicious code in bioql PyPI...

CVE-2022-31795

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the grelfinfo function in grel.php. An attacker is able to influence the username user, password pw, and file-name file parameters and inject special characters...

CVE-2020-29127

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user using any web browser, the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid=XXXXXXXXXX=cgiPgOverview=en is visited from a different web...

CVE-2022-31795

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the grelfinfo function in grel.php. An attacker is able to influence the username user, password pw, and file-name file parameters and inject special characters...

CVE-2022-31794

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hwview.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons,...

Design/Logic Flaw

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the grelfinfo function in grel.php. An attacker is able to influence the username user, password pw, and file-name file parameters and inject special characters...

Design/Logic Flaw

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hwview.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons,...

CVE-2022-31795

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the grelfinfo function in grel.php. An attacker is able to influence the username user, password pw, and file-name file parameters and inject special characters...

CVE-2022-31794

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hwview.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons,...

CVE-2020-29127

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user using any web browser, the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid=XXXXXXXXXX&csppage=cgiPgOverview&csplang=en is visited from a...

CVE-2020-29127

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user using any web browser, the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid=XXXXXXXXXX&csppage=cgiPgOverview&csplang=en is visited from a...

Design/Logic Flaw

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user using any web browser, the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid=XXXXXXXXXX&csppage=cgiPgOverview&csplang=en is visited from a...

CVE-2020-29127

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user using any web browser, the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid=XXXXXXXXXX&csppage=cgiPgOverview&csplang=en is visited from a...

Fujitsu Eternus Storage DX200 S4 Authorization Issues Vulnerability

The Fujitsu Fujitsu Eternus Storage DX200 S4 is a storage appliance for enterprise environments that provides storage support for server virtualization, email, databases, business applications, and centralized file services from Fujitsu Japan. The storage device features thin provisioning,...

Fujitsu Eternus Storage DX200 S4 Broken Authentication

Title: Fujitsu Eternus Storage DX200 S4 Broken Authentication Author: Seccops https://seccops.com Vendor Homepage: https://www.fujitsu.com/global/products/computing/storage/disk/eternus-dx/ Version: Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25 Classifications: OWASP: A2:2017-Broken...