136 matches found
CVE-2022-29849
In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate their privileges and compromise the affected system...
Privilege escalation
In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate their privileges and compromise the affected system...
Progress OpenEdge Permissions and Access Control Vulnerability
Progress OpenEdge is an application. A permissions and access-control vulnerability exists in Progress OpenEdge versions prior to 11.7.14 and versions 12.x through 12.2.9; it stems from certain SUID binaries in the OpenEdge application being susceptible to privilege escalation....
Vulnerability fixed in Progress OpenEdge
Progress has fixed a vulnerability in OpenEdge. By exploiting this vulnerability, a malicious party could gain root privileges on the vulnerable system. Successful misuse requires authentication on the underlying operating system. Progress has released updates to fix the...
CVE-2022-29849
In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate their privileges and compromise the affected system...
CVE-2022-29849
CVE-2022-29849 affects Progress OpenEdge; vulnerable in OpenEdge versions before 11.7.14 and 12.x before 12.2.9 due to privilege-escalation risk from certain SUID binaries. Local attackers could elevate privileges on the affected system. Remediation: upgrade to OpenEdge 11.7.14 or later, or 12.2....
PT-2022-19875 · Progress · Openedge
Name of the Vulnerable Software and Affected Versions: Progress OpenEdge versions prior to 11.7.14 Progress OpenEdge versions 12.x prior to 12.2.9 Description: The issue concerns certain SUID binaries within the OpenEdge application that were susceptible to privilege escalation. If exploited, a...
The vulnerability of the OpenEdge software platform, related to deficiencies in access control, allows a hacker to execute malicious Java classes.
The vulnerability of the OpenEdge software platform is related to deficiencies in access control when using the standard configuration. Exploiting this vulnerability allows a malicious actor to upload and execute malicious Java classes through specially crafted URL addresses using port 20931...
Progress Software OpenEdge Design Vulnerability
Progress Software OpenEdge is a suite of e-commerce platforms from Progress Software, USA. A security vulnerability exists in Progress Software OpenEdge versions 10.2x and 11.x, which is caused by an insecure default setting. The vulnerability can be exploited by remote attackers to load and remo...
CVE-2015-9245
Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote attackers to specify arbitrary URLs from which to load and execute malicious Java classes via port 20931...
CVE-2015-9245
Progress Software OpenEdge 10.2x and 11.x are affected by CVE-2015-9245 due to an insecure default configuration. The vulnerability allows unauthenticated remote attackers to specify arbitrary URLs from which to load and execute malicious Java classes through port 20931. This is rooted in the def...
Progress OpenEdge 11.2 - Directory Traversal
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = 'SSV-87398' vul ID version = '1' author = 'fenghh' vulDate = '2014-10-31' createDate =...
CVE-2014-8555
Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter...
CVE-2014-8555
Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter...
CVE-2014-8555
CVE-2014-8555 : A directory traversal in Progress OpenEdge 11.2’s report/reportViewAction.jsp allows remote attackers to read arbitrary files by manipulating the selection parameter with dot-dot sequences. Public exploit references (Exploits/35127, PacketStorm) describe requesting URLs like repor...
Progress OpenEdge 11.2 Directory Traversal
Exploit Title: Progress OpenEdge Directory Traversal Date: 30/10/2014 Exploit Author: Mauricio Correa Vendor Homepage: www.progress.com Software Link: www.progress.com/products/openedge Version: 11.2 Tested on: Windows OS CVE : CVE-2014-8555 The malicious user sends a malformed request that...
Progress OpenEdge 11.2 - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: Progress OpenEdge Directory Traversal Date: 30/10/2014 Exploit Author: Mauricio Correa Vendor Homepage: www.progress.com Software Link: www.progress.com/products/openedge Version: 11.2 Tested on: Windows OS CVE : CVE-2014-8555 T...
Progress OpenEdge 11.2 - Directory Traversal
Exploit Title: Progress OpenEdge Directory Traversal Date: 30/10/2014 Exploit Author: Mauricio Correa Vendor Homepage: www.progress.com Software Link: www.progress.com/products/openedge Version: 11.2 Tested on: Windows OS CVE : CVE-2014-8555 The malicious user sends a malformed request that...
Progress OpenEdge 11.2 - Directory Traversal
Progress OpenEdge 11.2 - Directory Traversal...
Progress OpenEdge 10 b Multiple Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/23926/info OpenEdge is prone to multiple denial-of-service vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits can allow attackers to cause the application to become unresponsive...