458029 matches found
D-Link - Unauthenticated Remote Code Execution
OS command injection vulnerability in soap.cgi soapcgimain in cgibin in D-Link DIR-880L DIR-880LREVAFIRMWAREPATCH1.08B04 and previous versions, DIR-868L DIR868LA1FW112b04 and previous versions, DIR-65L DIR-865LREVAFIRMWAREPATCH1.08.B01 and previous versions, and DIR-860L DIR860LA1FW110b04 and...
Dasan GPON Devices - Remote Code Execution
Dasan GPON home routers are susceptible to command injection which can occur via the desthost parameter in a diagaction=ping request to a GponForm/diagForm URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to...
ManageEngine ADManager Plus - Command Injection
Zoho ManageEngine ADManager Plus through 7180 allows for authenticated users to exploit command injection via Proxy settings. id: CVE-2023-29084 info: name: ManageEngine ADManager Plus - Command Injection author: rootxharsh,iamnoooob,pdresearch severity: high description: | Zoho ManageEngine...
Apache Airflow <=1.10.10 - Remote Code Execution
Apache Airflow versions 1.10.10 and below are vulnerable to remote code/command injection vulnerabilities in one of the example DAGs shipped with Airflow. This could allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending on the executor in us...
VMware NSX SD-WAN Edge - Command Injection
VMware NSX SD-WAN Edge formerly VeloCloud Edge before 3.1.2 contains an unauthenticated command injection in the local web UI diagnostic tools Ping/Traceroute. This template detects it reliably by injecting 'id', 'whoami', and a random marker. id: CVE-2018-6961 info: name: VMware NSX SD-WAN Edge ...
SaltStack <=3002 - Shell Injection
SaltStack Salt through 3002 allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt-API using the SSH client. id: CVE-2020-16846 info: name: SaltStack =3003 to mitigate this vulnerability. reference: -...
Joomla! Core SQL Injection
A SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands. id: CVE-2015-7297 info: name: Joomla! Core SQL Injection author: princechaddha severity: high description: A SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote...
NETGEAR WNAP320 Access Point Firmware - Remote Command Injection
NETGEAR WNAP320 Access Point Firmware version 2.0.3 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. id: CVE-2016-1555 info: name: NETGEAR WNAP320 Access Point Firmware - Remote Command Injection author: gy741 severity: critical...
Drupal SQL Injection
The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing specially crafted keys. id: CVE-2014-3704 info: name: Drupal SQL...
D-Link NAS - Command Injection via Name Parameter
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument name leads to os command...
Ivanti EPM - Remote Code Execution
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. id: CVE-2024-29824 info: name: Ivanti EPM - Remote Code Execution author: DhiyaneshDK severity: critical description: | ...
Rejetto HTTP File Server - Template injection
This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. id: CVE-2024-23692 info: name: Rejetto HTTP File Server - Template injection author: johnk3r severity: critical description: | This...
SolarView Compact 6.00 - OS Command Injection
SolarView Compact 6.00 was discovered to contain a command injection vulnerability, attackers can execute commands by bypassing internal restrictions through downloader.php. id: CVE-2023-23333 info: name: SolarView Compact 6.00 - OS Command Injection author: Mr-xn severity: critical description: ...
Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection
The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21AAZF.17C0 and NAS542 firmware versions before V5.21ABAG.14C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted HTTP POST request...
D-Link Network Attached Storage - Command Injection and Backdoor Account
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nassharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument...
Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection
A command injection vulnerability in web components of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. id: CVE-2024-21887 info: name: Ivanti Connect Secure...
Hitachi Pentaho Business Analytics Server - Remote Code Execution
Hitachi Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is susceptible to remote code execution via server-side template injection. Certain web services can set property values which contain Spring templates that are interpreted downstream, thereby...
Cacti <=1.2.22 - Remote Command Injection
Cacti through 1.2.22 is susceptible to remote command injection. There is insufficient authorization within the remote agent when handling HTTP requests with a custom Forwarded-For HTTP header. An attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS...
DrayTek Vigor - Command Injection
DrayTek Gateway devices Vigor2960, Vigor300B, etc. are vulnerable to command injection via the session parameter in the /cgi-bin/mainfunction.cgi/apmcfgupload endpoint. An attacker can inject arbitrary commands and retrieve their output. id: CVE-2024-12987 info: name: DrayTek Vigor - Command...
Cacti 1.2.24 - SQL Injection
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graphview.php. Since guest users can access graphview.php without authentication by default, if guest users are being utilized in an enabled state, there...