3324 matches found
CVE-2023-32350
Versions 00.07.00 through 00.07.03 of Teltonika’s RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing a package with a...
Command injection
Versions 00.07.00 through 00.07.03 of Teltonika’s RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing a package with a...
PT-2023-23744 · Teltonika · Teltonika Rut
Name of the Vulnerable Software and Affected Versions: Teltonika RUT router firmware versions 00.07.00 through 00.07.03. Description: The issue is an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a...
Oracle Linux 9 : lua (ELSA-2023-2582)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2582 advisory. 5.4.4-3 - Apply upstream patch for CVE-2022-28805 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
lua security update
5.4.4-3 - Apply upstream patch for CVE-2022-28805...
AlmaLinux 9 : lua (ALSA-2023:2582)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2582 advisory. - singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that mig...
RHEL 9 : lua (RHSA-2023:2582)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2582 advisory. The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently us...
Teltonika RUT router operating system command injection vulnerability
Teltonika RUT9XX and Teltonika RUT950 are both LTE router products from Teltonika Lithuania. An operating system command injection vulnerability exists in Teltonika RUT router versions 00.07.00 through 00.07.03, which stems from the inclusion of an operating system (OS) command injection...
The vulnerability of NoSQL Redis database management systems, related to out-of-buffer reading, allows attackers to access confidential data.
The vulnerability of the NoSQL Redis database management system is related to the use of the Redis Lua debugger. Exploiting this vulnerability can allow an attacker to gain access to confidential data through a specially created query...
Low: Red Hat Security Advisory: lua security update
An update for lua is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...
lua: heap buffer overread
A heap buffer-overflow vulnerability was found in Lua. The flaw occurs due to vulnerable code present in the lparser.c function of Lua that allows the execution of untrusted Lua code into a system, resulting in malicious activity...
Low: lua security update
The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: heap buffer overread (CVE-2022-28805). For more details about the security issues,...
ALSA-2023:2582 Low: lua security update
The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: heap buffer overread (CVE-2022-28805). For more details about the security issues,...
CVE-2023-21404
AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data...
AXIS OS security vulnerability
AXIS OS is an edge device operating system from Axis Sweden. A security vulnerability exists in AXIS OS versions 11.0.x-11.3.x, which stems from the use of static RSA keys in legacy LUA components to protect Axis-specific source code...
PT-2023-18177 · Axis · Axis Os
Name of the Vulnerable Software and Affected Versions: AXIS OS versions 11.0.X through 11.3.x. Description: The issue concerns the use of a static RSA key in legacy LUA-components to protect Axis-specific source code. This static RSA key is not utilized in any other secure communication and cannot...