Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2025/04/10 5:48 a.m.4 views

CVE-2025-3364

The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system...

6.7CVSS7AI score0.00167EPSS
Exploits0References4
CVE
CVE
added 2025/04/08 2:26 a.m.58 views

CVE-2025-3364

CVE-2025-3364 concerns HGiga PowerStation: the SSH service exposes a Chroot Escape vulnerability that, if exploited by a user with root privileges, bypasses chroot restrictions and grants access to the entire filesystem. Multiple sources (NVD, Red Hat, CVE records) describe the issue, but none pr...

6.7CVSS7.2AI score0.00167EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/08 2:26 a.m.14 views

CVE-2025-3364 HGiga PowerStation - Chroot Escape

The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system...

6.7CVSS0.00167EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/08 2:26 a.m.4 views

CVE-2025-3364 HGiga PowerStation - Chroot Escape

The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system...

6.7CVSS7.2AI score0.00167EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.4 views

HGiga PowerStation 安全漏洞

HGiga PowerStation is a network load balancing system from China Henderson HGiga. A security vulnerability exists in HGiga PowerStation, which stems from a chroot restriction bypass that could lead to privileged users accessing the entire file system...

6.7CVSS6.6AI score0.00167EPSS
Exploits0References3
NVD
NVD
added 2023/03/27 4:15 a.m.23 views

CVE-2023-24838

HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution...

9.8CVSS9.8AI score0.011EPSS
Exploits0References1
NVD
NVD
added 2023/03/27 4:15 a.m.19 views

CVE-2023-24837

HGiga PowerStation remote management function has insufficient filtering for user input. An authenticated remote attacker with general user privilege can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operation or disrupt service...

8.8CVSS9AI score0.00933EPSS
Exploits0References1
Prion
Prion
added 2023/03/27 4:15 a.m.14 views

Design/Logic Flaw

HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution...

7.5CVSS9.6AI score0.011EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.4 views

HGiga PowerStation 操作系统命令注入漏洞

Hgiga HGiga PowerStation is a network load balancing system from China's Henderson Technology Hgiga. An operating system command injection vulnerability exists in HGiga PowerStation versions prior to x64.6.2.165, which stems from insufficient filtering of user input by the remote management...

8.8CVSS8.3AI score0.00933EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.10 views

CVE-2023-24837 HGiga PowerStation - Command Injection

HGiga PowerStation remote management function has insufficient filtering for user input. An authenticated remote attacker with general user privilege can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operation or disrupt service...

8.8CVSS9AI score0.00933EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.7 views

CVE-2023-24838 HGiga PowerStation - Information Leakage

HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution...

9.8CVSS9.7AI score0.011EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/27 12:0 a.m.23 views

CVE-2023-24838 HGiga PowerStation - Information Leakage

HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution...

9.8CVSS9.9AI score0.011EPSS
Exploits0References1
CVE
CVE
added 2023/03/27 12:0 a.m.61 views

CVE-2023-24838

HGiga PowerStation (network-facing device) has an information-disclosure vulnerability. An unauthenticated remote attacker can obtain the administrator’s credentials, which could be used to log in to PowerStation or SSH and potentially achieve remote code execution. Public disclosures across mult...

9.8CVSS9.8AI score0.011EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/27 12:0 a.m.54 views

CVE-2023-24837

CVE-2023-24837 describes a command-injection flaw in HGiga PowerStation’s remote management function. Insufficient input filtering lets an authenticated remote user with general privileges inject and execute arbitrary system commands, potentially taking arbitrary system actions or disrupting serv...

8.8CVSS9AI score0.00933EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/27 12:0 a.m.19 views

CVE-2023-24837 HGiga PowerStation - Command Injection

HGiga PowerStation remote management function has insufficient filtering for user input. An authenticated remote attacker with general user privilege can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operation or disrupt service...

8.8CVSS9.1AI score0.00933EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.6 views

PT-2023-7466 · Unknown · Hgiga Powerstation

Name of the Vulnerable Software and Affected Versions: HGiga PowerStation affected versions not specified Description: The issue is related to insufficient filtering for user input in the remote management function of the system, allowing an authenticated remote attacker to inject and execute...

9CVSS8.5AI score0.00933EPSS
Exploits0References5
Rows per page
Query Builder