CVE-2022-1986

OS Command Injection in GitHub repository gogs/gogs prior to 0.12.9...

GHSA-GWP3-F7MR-QPFV OS Command Injection in s3-uploader

OS command injection vulnerability in Turistforeningen node-s3-uploader through 2.0.3 for Node.js allows attackers to execute arbitrary commands via the metadata function...

CVE-2022-26420

An OS command injection vulnerability exists in the console infactoryport functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...

Tenda AC15 操作系统命令注入漏洞

The Tenda AC15 is a wireless router from Tenda China. Tenda AC15 USAC15V1.0BRV15.03.05.20multiTDE01.bin device web suffers from an operating system command injection vulnerability, which stems from a command injection vulnerability in the /goform/setsambacfg interface, which can also be coupled...

CVE-2021-40410

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 4 the dnsdata-dns1 variable, that has the value of the dns1 parameter provided through the SetLocal API, is not validated properly. This would lead to an OS command...

Security Bulletin: IBM FileNet Content Manager Operating System command injection security vulnerability

Summary FileNet Content Manager component Administration Console for Content Platform Engine ACCE user Operating System command injection security vulnerability Vulnerability Details CVEID: CVE-2021-38965 DESCRIPTION: IBM FileNet Content Manager could allow a remote authenticated attacker to...

Lantronix PremierWave 2050 OS Command Injection Vulnerability (CNVD-2022-04975)

The Lantronix PremierWave 2050 is an embedded Wi-Fi module manufactured by Lantronix. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution in the "EC keypasswd" parameter wit...

SAP NetWeaver AS 操作系统命令注入漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. SAP NetWeaver AS ABAP suffers from an operating system command injection vulnerability that originates from allowing an attacker with elevated...

Lantronix PremierWave 2050 OS Command Injection Vulnerability

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by attackers to cause arbitrary command execution...

Lantronix PremierWave 2050 OS Command Injection Vulnerability (CNVD-2022-04980)

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by attackers to cause arbitrary command execution...

Open Game Panel 操作系统命令注入漏洞

Open Game Panel is an open source game server control panel. It uses a web interface PHP/MySQL to control the agent Perl running on the server hosting the game. It is used to start/stop/monitor game server instances. A security vulnerability exists in Open Game Panel OGP-Agent-Linux, which stems...

Fortinet FortiClient 操作系统命令注入漏洞

Fortinet FortiClient is a structured agent from Fortinet, Inc. It is used to provide protection, compliance, and secure access in a single modular lightweight client. Fortinet FortiClient suffers from an operating system command injection vulnerability that can be exploited by an unauthenticated,...

DRK Odenwaldkreis Testerfassung 操作系统命令注入漏洞

DRK Odenwaldkreis Testerfassung is an open source solution for obtaining and documenting corona antigen rapid test results. DRK Odenwaldkreis Testerfassung March-2021 An operating system command injection vulnerability, which originates in the application's results.php Shell metacharacter injecti...

CVE-2021-36982

AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall AIWAF devices with Manager 2.1.0 allows OS Command Injection because of missing input validation on one of the parameters of an HTTP request...

China Mobile An Lianbao WF-1 router 操作系统命令注入漏洞

China Mobile An Lianbao WF-1 router is a router from China Mobile China. China Mobile An Lianbao WF-1 router 1.0.1 suffers from an operating system command injection vulnerability, which originates in the api/ZRFirmware/settimezone set time zone interface, that can be exploited by remote attacker...

CVE-2021-25297

Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command...

Nagios XI 安全漏洞

Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. An OS command injection vulnerability exists in /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php in Nagio...

DELL EMC PowerScale 操作系统命令注入漏洞

Dell EMC PowerScale OneFS is an API-powered file system. An OS command injection vulnerability exists in Dell EMC PowerScale OneFS 8.1.0 - 9.1.0. An attacker with the ISIPRIVCLUSTER privilege could exploit this vulnerability to execute arbitrary OS commands on the underlying OS of an application...

Multiple Cisco Products OS Command Injection Vulnerabilities

The Cisco Small Business RV Series Routers is an RV series router from Cisco. An operating system command injection vulnerability exists in the Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers, which can be exploited by an authenticated, remote attacker to inject arbitra...

LOGITEC CORPORATION LAN-W300N/PGRB Operating System Command Injection Vulnerability

LOGITEC CORPORATION LAN-W300N/PGRB is a wireless router device. LOGITEC CORPORATION LAN-W300N/PGRB is vulnerable to OS command injection, which can be exploited by attackers to execute arbitrary OS commands via unspecified vectors...