Lucene search
K

56 matches found

OSV
OSV
added 2022/01/26 10:15 p.m.35 views

PYSEC-2022-17

Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...

9CVSS6.6AI score0.0765EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/01/26 9:30 p.m.46 views

CVE-2021-32849 Arbitrary command execution in Gerapy

Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...

8.8CVSS8.8AI score0.0765EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/01/26 9:30 p.m.6 views

CVE-2021-32849 Arbitrary command execution in Gerapy

Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...

8.8CVSS8.5AI score0.0765EPSS
Exploits1References5
CVE
CVE
added 2022/01/26 9:30 p.m.106 views

CVE-2021-32849

Gerapy (distributed crawler management framework) contains an authenticated arbitrary command execution vulnerability tracked as CVE-2021-32849. Prior to version 0.9.9, an authenticated user could execute commands on the server. The issue has been fixed in version 0.9.9. Public sources in the con...

9CVSS8.5AI score0.0765EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2022/01/26 12:0 a.m.7 views

Gerapy 命令注入漏洞

Gerapy is a crawler framework based on the Scrapy Scrapyd Scrapyd Client Scrapyd API Django. Gerapy authenticates remote command execution vulnerabilities, which can be exploited by attackers to gain control of the server...

9CVSS5.8AI score0.0765EPSS
Exploits1References6
Veracode
Veracode
added 2022/01/07 12:26 p.m.24 views

Remote Code Execution (RCE)

gerapy is vulnerable to remote code execution. The use of string which can be controlled externally in a command line allows a malicious user to change the meaning of the command...

8.8CVSS3.9AI score0.0765EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2022/01/06 11:48 p.m.25 views

GHSA-756H-R2C9-QP5J An authenticated user can execute arbitrary command in Gerapy

Impact An authenticated user can execute arbitrary command, see more in https://github.com/Gerapy/Gerapy/issues/211. Patches Fixed in 0.9.9...

8.8CVSS8.7AI score0.0765EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2022/01/06 11:48 p.m.37 views

An authenticated user can execute arbitrary command in Gerapy

Impact An authenticated user can execute arbitrary command, see more in https://github.com/Gerapy/Gerapy/issues/211. Patches Fixed in 0.9.9...

9CVSS2.1AI score0.0765EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2022/01/06 5:36 p.m.34 views

GHSA-9W7F-M4J4-J3XW Gerapy may cause remote code execution

Impact projectconfigure function exist remote code execute in Gerapy 0.9.8 Patches Patched in version 0.9.8, please install with: pip3 install -U gerapy...

9.8CVSS9.2AI score0.55331EPSS
Exploits7References8
Github Security Blog
Github Security Blog
added 2022/01/06 5:36 p.m.198 views

Gerapy may cause remote code execution

Impact projectconfigure function exist remote code execute in Gerapy 0.9.8 Patches Patched in version 0.9.8, please install with: pip3 install -U gerapy...

9.8CVSS9.1AI score0.55331EPSS
Exploits7References8Affected Software1
0day.today
0day.today
added 2022/01/06 12:0 a.m.352 views

Gerapy 0.9.7 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to version 0.9.8 is...

9.8CVSS0.1AI score0.55331EPSS
Exploits7
Packet Storm
Packet Storm
added 2022/01/05 12:0 a.m.340 views

Gerapy 0.9.7 Remote Code Execution

Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Date: 03/01/2022 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to versio...

9.8CVSS9.1AI score0.55331EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.537 views

Gerapy 0.9.7 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Date: 03/01/2022 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to versio...

9.8CVSS8.7AI score0.55331EPSS
Exploits7
GithubExploit
GithubExploit
added 2022/01/03 4:47 p.m.580 views

Exploit for OS Command Injection in Gerapy

CVE-2021-43857 Gerapy prior to version 0.9.8 is vulnerable to...

9.8CVSS9.4AI score0.55331EPSS
Exploits7
CNVD
CNVD
added 2021/12/29 12:0 a.m.15 views

Gerapy OS Command Injection Vulnerability

Gerapy is a distributed crawler management framework based on Scrapy, Scrapyd, Django and Vue.js. An operating system command injection vulnerability exists in versions prior to Gerapy 0.9.8, which stems from the software's lack of effective filtering and escaping of system commands, resulting in...

9.8CVSS9.5AI score0.55331EPSS
Exploits7References1
Veracode
Veracode
added 2021/12/28 1:47 a.m.27 views

Remote Code Execution (RCE)

gerapy is vulnerable to remote code execution. Insecure loading of projectconfigure function allows an attacker to execute arbitrary code embedded in view file...

9.8CVSS5.2AI score0.55331EPSS
Exploits7References4Affected Software1
NVD
NVD
added 2021/12/27 7:15 p.m.14 views

CVE-2021-43857

Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8...

9.8CVSS0.55331EPSS
Exploits7References4
ATTACKERKB
ATTACKERKB
added 2021/12/27 7:15 p.m.3 views

CVE-2021-43857

Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8...

9.8CVSS7.5AI score0.55331EPSS
Exploits7References5Affected Software1
OSV
OSV
added 2021/12/27 7:15 p.m.27 views

CVE-2021-43857

Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8...

8.8CVSS8.7AI score
Exploits0References4
Prion
Prion
added 2021/12/27 7:15 p.m.13 views

Remote code execution

Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8...

6.5CVSS8.6AI score0.55331EPSS
Exploits7References4Affected Software1
Rows per page
Query Builder