454 matches found
CVE-2024-5722 Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this...
CVE-2024-5722
CVE-2024-5722 describes a remote code execution vulnerability in the Logsign Unified SecOps Platform via the HTTP API, arising from a hard-coded cryptographic key. The flaw enables network-adjacent attackers to execute code with root privileges without authentication. Public references indicate a...
CVE-2024-5722 Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this...
CVE-2024-5721 Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...
CVE-2024-5720 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5720
Logsign Unified SecOps Platform is affected by a command injection vulnerability in its HTTP API. The flaw stems from insufficient validation of a user-supplied string used to construct a system call, allowing an attacker to execute code with root privileges. Several sources (including ZDI adviso...
CVE-2024-5720 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5719 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5719 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5719
CVE-2024-5719 affects Logsign Unified SecOps Platform. The flaw is in the HTTP API implementation where a user-supplied string is not properly validated before being used in a system call, enabling a remote attacker to execute arbitrary code with root privileges. Authentication is required to exp...
CVE-2024-5718 Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...
CVE-2024-5718 Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...
CVE-2024-5717 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5717 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5717
CVE-2024-5717 affects Logsign Unified SecOps Platform. The issue is a command-injection vulnerability in the HTTP API caused by improper validation of user-supplied input, allowing an attacker to execute arbitrary code with root privileges. Exploitation requires authentication, but several source...
CVE-2024-21855
A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
CVE-2024-21855
CVE-2024-21855 refers to a lack of authentication in GoCast 1.1.3’s HTTP API, allowing unauthenticated HTTP requests to trigger arbitrary command execution. Cisco Talos details show the API can register/unregister apps without auth, enabling full control over GoCast’s BGP-related functionality an...
CVE-2024-21855
A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
GoCast name parameter OS command injection vulnerability
Talos Vulnerability Report TALOS-2024-1960 GoCast name parameter OS command injection vulnerability November 21, 2024 CVE Number CVE-2024-28892 SUMMARY An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary comman...
GoCast NAT parameter OS command injection vulnerability
Talos Vulnerability Report TALOS-2024-1961 GoCast NAT parameter OS command injection vulnerability November 21, 2024 CVE Number CVE-2024-29224 SUMMARY An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command...