Dell Unity 操作系统命令注入漏洞

Dell Unity is a set of virtual Unity storage environments from Dell USA. An OS command injection vulnerability exists in Dell Unity 5.4 and earlier versions, which can be exploited by an attacker to execute arbitrary operating system commands on the system...

Dell Unity 操作系统命令注入漏洞

Dell Unity is a set of virtual Unity storage environments from Dell USA. An OS command injection vulnerability exists in Dell Unity 5.4 and earlier versions, which can be exploited by an attacker to execute arbitrary operating system commands on the system...

CVE-2024-12010

A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the Zyxel AX7501-B1 firmware version V5.17ABPC.5.3C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system OS commands on a vulnerable device...

CVE-2024-12010

A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the Zyxel AX7501-B1 firmware version V5.17ABPC.5.3C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system OS commands on a vulnerable device...

CVE-2024-12009

A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70ACDZ.3.6C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system OS commands on a vulnerable device...

CVE-2024-12009

CVE-2024-12009 : A post-authentication command injection in the ZyEE function affects Zyxel EX5601-T1 firmware up to V5.70(ACDZ.3.6)C0 and earlier, allowing an authenticated administrator to execute OS commands on the device. Documented impact is high (C/H/I/A) with network access and no user int...

CVE-2024-12009

A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70ACDZ.3.6C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system OS commands on a vulnerable device...

CVE-2024-11253

A post-authentication command injection vulnerability in the "DNSServer” parameter of the diagnostic function in the Zyxel VMG8825-T50K firmware version V5.50ABOM.8.5C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system OS commands on a...

MENNEKES Ladesäule Smart 安全漏洞

MENNEKES Ladesäule Smart is a smart charging post from MENNEKES. A security vulnerability exists in MENNEKES Ladesäule Smart that stems from improper OS command neutralization, which could lead to command execution...

MENNEKES Ladesäule Smart 安全漏洞

MENNEKES Ladesäule Smart is a smart charging post from MENNEKES. A security vulnerability exists in MENNEKES Ladesäule Smart that stems from improper OS command neutralization, which could lead to command execution...

Exploit for CVE-2025-26056

CVE-2025-26056 Auhtor: Rohan Deshpande OS Command Inject...

mySCADA myPRO OS Command Injection Vulnerability (CNVD-2025-03918)

mySCADA myPRO is a professional HMI/SCADA system from mySCADA designed for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO that originates from not properly validating input. An attacker could exploit this...

MicroWorld eScan Antivirus 命令注入漏洞

MicroWorld eScan Antivirus is an antivirus software from MicroWorld. A command injection vulnerability exists in MicroWorld eScan Antivirus version 7.0.32. An attacker can exploit this vulnerability to perform operating system command injection locally...

PT-2025-7040 · Myscada · Myscada Mypro Manager

Name of the Vulnerable Software and Affected Versions: mySCADA myPRO Manager affected versions not specified Description: The administrative web interface of mySCADA myPRO Manager can be accessed without authentication, which could allow an unauthorized attacker to retrieve sensitive information...

mySCADA myPRO Manager Unauthenticated Command Injection (CVE-2024-47407)

Unauthenticated Command Injection in MyPRO Manager use exploit/windows/scada/mypromgrcmd msf exploitmypromgrcmd show targets ...targets... msf exploitmypromgrcmd set TARGET msf exploitmypromgrcmd show options ...show and set options... msf exploitmypromgrcmd exploit class MetasploitModule 'mySCAD...

CVE-2024-40890

UNSUPPORTED WHEN ASSIGNED A post-authentication command injection vulnerability in the CGI program of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00AAFR.4C020170615 could allow an authenticated attacker to execute operating system OS commands on an affected device by sending a crafte...

CVE-2024-40891

UNSUPPORTED WHEN ASSIGNED A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00AAFR.4C020170615 could allow an authenticated attacker to execute operating system OS commands on an affected device via Telnet...

CVE-2024-7203

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system OS commands on a...

CVE-2024-9200

A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15ABQA.2.2C0 could allow an authenticated attacker with administrator privileges to execute operating system OS commands on a vulnerable devi...

CVE-2024-6342

UNSUPPORTED WHEN ASSIGNED A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21AAZF.18C0 and NAS542 firmware versions through V5.21ABAG.15C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a...