39 matches found
Generex UPS Adapter CS141 Unrestricted Upload of File with Dangerous Type (CVE-2022-47190)
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a webshell that could allow him to execute arbitrary code as root. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Generex UPS Adapter CS141 Improper Input Validation (CVE-2022-47189)
Generex UPS CS141 below 2.06 version, allows an attacker toupload a firmware file containing an incorrect configuration, in order to disrupt the normal functionality of the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...
Generex UPS Adapter CS141 Authenticated Remote Code Execution (CVE-2022-42457)
Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches runupdate in /usr/bin/gxserve-update.sh e.g., command execution can occur via a reverse shell installed by install.sh. This plugin only works with Tenable.ot. Please visit...
Generex UPS Adapter CS141 Unrestricted Upload of File with Dangerous Type (CVE-2022-47191)
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a file with modified permissions, allowing him to escalate privileges. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Generex UPS Adapter CS141 Unrestricted Upload of File with Dangerous Type (CVE-2022-47186)
There is an unrestricted upload of file vulnerability in Generex CS141 below 2.06 version. An attacker could upload and/or delete any type of file, without any format restriction and without any authentication, in the upload directory. This plugin only works with Tenable.ot. Please visit...
EUVD-2022-49966
Malicious code in bioql PyPI...
EUVD-2022-49964
Malicious code in bioql PyPI...
EUVD-2022-49965
Malicious code in bioql PyPI...
EUVD-2022-49963
Malicious code in bioql PyPI...
CVE-2022-47188
There is an arbitrary file reading vulnerability in Generex UPS CS141 below 2.06 version. An attacker, making use of the default credentials, could upload a backup file containing a symlink to /etc/shadow, allowing him to obtain the content of this path...
CVE-2022-47192
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a backup file containing a modified "users.json" to the web server of the device, allowing him to replace the administrator password...
CVE-2022-47188
There is an arbitrary file reading vulnerability in Generex UPS CS141 below 2.06 version. An attacker, making use of the default credentials, could upload a backup file containing a symlink to /etc/shadow, allowing him to obtain the content of this path...
CVE-2022-47191
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a file with modified permissions, allowing him to escalate privileges...
CVE-2022-47190
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a webshell that could allow him to execute arbitrary code as root...
CVE-2022-47189
Generex UPS CS141 below 2.06 version, allows an attacker toupload a firmware file containing an incorrect configuration, in order to disrupt the normal functionality of the device...
CVE-2022-47192
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a backup file containing a modified "users.json" to the web server of the device, allowing him to replace the administrator password...
CVE-2022-47190
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a webshell that could allow him to execute arbitrary code as root...
Design/Logic Flaw
Generex UPS CS141 below 2.06 version, allows an attacker toupload a firmware file containing an incorrect configuration, in order to disrupt the normal functionality of the device...
Design/Logic Flaw
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a file with modified permissions, allowing him to escalate privileges...
Design/Logic Flaw
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a backup file containing a modified "users.json" to the web server of the device, allowing him to replace the administrator password...