1086 matches found
Okta Access Gateway 操作系统命令注入漏洞
Okta Access Gateway is an application gateway from Okta UK. It addresses this issue by effectively protecting access to local applications on the same platform that protects your cloud applications, infrastructure and APIs. A security vulnerability exists in Okta Access Gateway before 2020.9.3,...
Aruba Access Points 操作系统命令注入漏洞
Aruba Instant is a cloud-hosted controller-less wireless access point. A command injection vulnerability exists in the command line interface of Aruba Instant, which can be exploited by an attacker to execute arbitrary commands in the underlying operating system...
Aruba Access Points 命令注入漏洞
Aruba Instant is a cloud-hosted controller-less wireless access point. A command injection vulnerability exists in the command line interface of Aruba Instant, which can be exploited by an attacker to execute arbitrary commands in the underlying operating system...
Aruba Access Points 操作系统命令注入漏洞
Aruba Instant is a cloud-hosted controller-less wireless access point. A command injection vulnerability exists in the DHCP option of Aruba Instant, which can be exploited by an attacker to execute arbitrary commands in the underlying operating system...
Aruba Access Points 命令注入漏洞
Aruba Instant is a cloud-hosted controller-less wireless access point. A command injection vulnerability exists in the command line interface of Aruba Instant, which can be exploited by an attacker to execute arbitrary commands in the underlying operating system...
SonicWall SMA100 OS Command Injection Vulnerability (CNVD-2021-29478)
The SonicWall SMA100 is a secure access gateway appliance from SonicWALL USA. An operating system command injection vulnerability exists in SonicWall SMA100 version 10.2.0.5 and earlier versions, which can be exploited by an authenticated attacker to execute operating system commands on the targe...
Sonicwall SMA100 操作系统命令注入漏洞
The SonicWall SMA100 is a secure access gateway appliance from SonicWALL USA. An operating system command injection vulnerability exists in SonicWall SMA100 version 10.2.0.5 and earlier versions, which can be exploited by an authenticated attacker to execute operating system commands on the targe...
The vulnerability of the microprogrammed network interface cards of SONICWALL series SMA 100 lies in the lack of measures taken to neutralize the special elements used in the operating system’s commands. This allows attackers to execute arbitrary commands.
The vulnerability of the microprogrammed network interface cards SONICWALL of the SMA 100 series exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
Systeminformation Operating System Command Injection Vulnerability
An operating system command injection vulnerability exists in Systeminformation, which arises when a network system or product fails to properly filter special characters, commands, etc., during the construction of executable operating system commands from externally input data. An attacker could...
DEBIAN-CVE-2021-21289
Mechanize is an open-source ruby library that makes automated web interaction easy. In Mechanize from version 2.0.0 and before version 2.7.7 there is a command injection vulnerability. Affected versions of mechanize allow for OS commands to be injected using several classes' methods which...
LOGITEC CORPORATION LAN-W300N/PGRB Buffer Overflow Vulnerability
LOGITEC CORPORATION LAN-W300N/PGRB is a wireless router device. LOGITEC CORPORATION LAN-W300N/PGRB is vulnerable to a buffer overflow vulnerability, which can be exploited by attackers to execute arbitrary operating system commands via unspecified vectors...
LOGITEC CORPORATION LAN-W300N/PGRB 操作系统命令注入漏洞
LOGITEC CORPORATION LAN-W300N/PGRB is a wireless router device. LOGITEC CORPORATION LAN-W300N/PGRB is vulnerable to OS command injection, which can be exploited by attackers to execute arbitrary OS commands via unspecified vectors...
Zen Cart 操作系统命令注入漏洞
Zen Cart is an open source, free shopping mall system , used to build a professional online store . A remote code execution vulnerability exists in Zen Cart 1.5.7b. The vulnerability can be exploited by an administrator to execute arbitrary OS commands by inspecting HTML radio input elements and...
LOGITEC CORPORATION LAN-W300N/PGRB 缓冲区错误漏洞
LOGITEC CORPORATION LAN-W300N/PGRB is a wireless router device. LOGITEC CORPORATION LAN-W300N/PGRB is vulnerable to a buffer overflow vulnerability, which can be exploited by attackers to execute arbitrary operating system commands via unspecified vectors...
DELL EMC Avamar Server Path Traversal Vulnerability (CNVD-2021-05125)
DELL Dell EMC Avamar Server is a suite of fully virtualized backup and recovery software for servers from Dell USA. A path traversal vulnerability exists in DELL EMC Avamar Server versions 19.1, 19.2, and 19.3, which originates from an unauthenticated, remote attacker executing arbitrary operatin...
Cisco Smart Software Manager 操作系统命令注入漏洞
Cisco Smart Software Manager Satellite is software designed to provide intelligent management of licenses. A command injection vulnerability exists in the WEB UI of Cisco Smart Software Manager Satellite 5.1.0 and prior versions. The vulnerability stems from the program not properly validating...
The vulnerability of NETGEAR’s embedded software exists due to the lack of measures taken to neutralize special elements used in the operating system commands. This allows a hacker to execute arbitrary commands.
The vulnerability in NETGEAR’s embedded software exists because measures are not taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2020-35578
An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands...
CVE-2020-35578
An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands...
CVE-2020-24581
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It contains an executecmd.cgi feature that is not reachable via the web user interface that lets an authenticated user execute Operating System commands...