Lucene search
K

216 matches found

Cvelist
Cvelist
added 2024/01/26 12:0 a.m.24 views

CVE-2023-38319

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.9AI score0.01096EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/01/26 12:0 a.m.23 views

CVE-2023-38318

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.9AI score0.01096EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/01/26 12:0 a.m.30 views

CVE-2023-38317

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.9AI score0.01096EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/01/26 12:0 a.m.17 views

CVE-2023-38323

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.9AI score0.01096EPSS
Exploits1References4
CVE
CVE
added 2024/01/26 12:0 a.m.53 views

CVE-2023-38318

OpenNDS before 10.1.3 is affected. The issue arises from inadequate sanitization of the gateway FQDN entry in the configuration file, allowing an attacker with access to that file to execute arbitrary OS commands. Impact is high: confidentiality, integrity, and availability can be compromised (CV...

9.8CVSS9.6AI score0.01096EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2024/01/26 12:0 a.m.47 views

CVE-2023-38317

OpenNDS

9.8CVSS9.6AI score0.01096EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2024/01/26 12:0 a.m.7 views

openNDS Security Vulnerabilities

openNDS is openNDS open source a high-performance, small footprint portal system. A security vulnerability exists in openNDS prior to version 10.1.3 that stems from an inability to clean up a network interface name entry in a configuration file, allowing an attacker with direct or indirect access...

9.8CVSS7.2AI score0.01096EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/01/26 12:0 a.m.2 views

CVE-2023-38319

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.7AI score0.01096EPSS
Exploits1References4
OSV
OSV
added 2024/01/26 12:0 a.m.25 views

CVE-2023-38317

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.8CVSS7.5AI score0.01096EPSS
Exploits1References6
CVE
CVE
added 2024/01/26 12:0 a.m.43 views

CVE-2023-38323

OpenNDS before 10.1.3 contains a vulnerability where the status path script entry in the configuration file is not sanitized, allowing attackers with direct or indirect access to that file to execute arbitrary OS commands. CVSSv3.1 base score 9.8 (CRITICAL) with Network attack vector, no privileg...

9.8CVSS9.6AI score0.01096EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/26 12:0 a.m.3 views

CVE-2023-38318

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.7AI score0.01096EPSS
Exploits1References4
CVE
CVE
added 2024/01/26 12:0 a.m.51 views

CVE-2023-38319

CVE-2023-38319 affects OpenNDS prior to 10.1.3. The issue is that the configuration file’s FAS key entry is not sanitized, allowing an attacker with direct or indirect access to the file to execute arbitrary OS commands. The vulnerability impact is described as high/critical in CVSS v3.1 (AV:N/AC...

9.8CVSS9.6AI score0.01096EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/01/26 12:0 a.m.21 views

CVE-2023-38319

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.8CVSS7.5AI score0.01096EPSS
Exploits1References6
OSV
OSV
added 2024/01/26 12:0 a.m.30 views

CVE-2023-38318

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.8CVSS7.5AI score0.01096EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2024/01/26 12:0 a.m.18 views

CVE-2023-38317

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.8CVSS9.7AI score0.01096EPSS
Exploits1
Debian CVE
Debian CVE
added 2024/01/26 12:0 a.m.18 views

CVE-2023-38318

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.8CVSS9.7AI score0.01096EPSS
Exploits1
Debian CVE
Debian CVE
added 2024/01/26 12:0 a.m.20 views

CVE-2023-38319

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.8CVSS9.8AI score0.01096EPSS
Exploits1
Debian CVE
Debian CVE
added 2024/01/26 12:0 a.m.16 views

CVE-2023-38323

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.8CVSS9.8AI score0.01096EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/01/25 12:0 a.m.7 views

PT-2024-12709 · Opennds +1 · Opennds +1

Name of the Vulnerable Software and Affected Versions: OpenNDS versions prior to 10.1.3 Description: An issue was discovered in OpenNDS where it fails to sanitize the gateway FQDN entry in the configuration file. This allows attackers with direct or indirect access to the configuration file to...

9.8CVSS9.5AI score0.01096EPSS
Exploits1References18
Positive Technologies
Positive Technologies
added 2024/01/25 12:0 a.m.4 views

PT-2024-12710 · Opennds +1 · Opennds +1

Name of the Vulnerable Software and Affected Versions: OpenNDS versions prior to 10.1.3 Description: An issue was discovered in OpenNDS where it fails to sanitize the FAS key entry in the configuration file. This allows attackers with direct or indirect access to the configuration file to execute...

9.8CVSS9.5AI score0.01096EPSS
Exploits1References18
Rows per page
Query Builder