56 matches found
PYSEC-2022-17
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...
CVE-2021-32849 Arbitrary command execution in Gerapy
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...
CVE-2021-32849 Arbitrary command execution in Gerapy
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...
CVE-2021-32849
Gerapy (distributed crawler management framework) contains an authenticated arbitrary command execution vulnerability tracked as CVE-2021-32849. Prior to version 0.9.9, an authenticated user could execute commands on the server. The issue has been fixed in version 0.9.9. Public sources in the con...
Gerapy 命令注入漏洞
Gerapy is a crawler framework based on the Scrapy Scrapyd Scrapyd Client Scrapyd API Django. Gerapy authenticates remote command execution vulnerabilities, which can be exploited by attackers to gain control of the server...
Remote Code Execution (RCE)
gerapy is vulnerable to remote code execution. The use of string which can be controlled externally in a command line allows a malicious user to change the meaning of the command...
GHSA-756H-R2C9-QP5J An authenticated user can execute arbitrary command in Gerapy
Impact An authenticated user can execute arbitrary command, see more in https://github.com/Gerapy/Gerapy/issues/211. Patches Fixed in 0.9.9...
An authenticated user can execute arbitrary command in Gerapy
Impact An authenticated user can execute arbitrary command, see more in https://github.com/Gerapy/Gerapy/issues/211. Patches Fixed in 0.9.9...
GHSA-9W7F-M4J4-J3XW Gerapy may cause remote code execution
Impact projectconfigure function exist remote code execute in Gerapy 0.9.8 Patches Patched in version 0.9.8, please install with: pip3 install -U gerapy...
Gerapy may cause remote code execution
Impact projectconfigure function exist remote code execute in Gerapy 0.9.8 Patches Patched in version 0.9.8, please install with: pip3 install -U gerapy...
Gerapy 0.9.7 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to version 0.9.8 is...
Gerapy 0.9.7 Remote Code Execution
Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Date: 03/01/2022 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to versio...
Gerapy 0.9.7 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Date: 03/01/2022 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to versio...
Exploit for OS Command Injection in Gerapy
CVE-2021-43857 Gerapy prior to version 0.9.8 is vulnerable to...
Gerapy OS Command Injection Vulnerability
Gerapy is a distributed crawler management framework based on Scrapy, Scrapyd, Django and Vue.js. An operating system command injection vulnerability exists in versions prior to Gerapy 0.9.8, which stems from the software's lack of effective filtering and escaping of system commands, resulting in...
Remote Code Execution (RCE)
gerapy is vulnerable to remote code execution. Insecure loading of projectconfigure function allows an attacker to execute arbitrary code embedded in view file...
CVE-2021-43857
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8...
CVE-2021-43857
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8...
CVE-2021-43857
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8...
Remote code execution
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8...