
1086 matches found

Prion
added 2020/12/22 7:15 p.m. | 12 views

Design/Logic Flaw

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It contains an executecmd.cgi feature that is not reachable via the web user interface that lets an authenticated user execute Operating System commands...

CVSS 7.7 | AI score 7.8 | EPSS 0.12649
Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2020/12/22 6:05 p.m. | 15 views

CVE-2020-24581

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It contains an executecmd.cgi feature that is not reachable via the web user interface that lets an authenticated user execute Operating System commands...

AI score 8.1 | EPSS 0.12649
Exploits 1 | References 2
BDU FSTEC
added 2020/12/22 12:00 a.m. | 3 views

A vulnerability in the Rake::FileList class implementation of Rake, the build-automation tool for compiling software, allows an attacker to execute arbitrary commands.

The vulnerability in the Rake::FileList class implementation of the Rake build-automation tool stems from improper neutralization of special elements used in operating system commands. Exploiting this vulnerability allows an attacker to execute...

CVSS 6.9 | AI score 7.1 | EPSS 0.01415
Exploits 1 | References 14 | Affected Software 6
Packet Storm
added 2020/12/11 12:00 a.m. | 1780 views

Aerospike Database UDF Lua Code Execution

This module requires Metasploit: https://metasploit.com/download
Current source: https://github.com/rapid7/metasploit-framework
class MetasploitModule 'Aerospike Database UDF Lua Code Execution', 'Description' => %q Aerospike Database versions before 5.1.0.3 permitted user-defined functions (UDF) to...

CVSS 10 | AI score 0.6 | EPSS 0.86749
Exploits 8
Metasploit
added 2020/12/10 5:41 p.m. | 656 views

Aerospike Database UDF Lua Code Execution

Aerospike Database versions before 5.1.0.3 permitted user-defined functions (UDF) to call the os.execute Lua function. This module creates a UDF utilising this function to execute arbitrary operating system commands with the privileges of the user running the Aerospike service. This module does not...

CVSS 10 | AI score 8.3 | EPSS 0.86749
Exploits 8
OSV
added 2020/12/09 5:15 p.m. | 1 view

CVE-2020-26838

SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with high developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It i...

CVSS 9.1 | AI score 6
Exploits 0 | References 2
Cvelist
added 2020/12/09 4:31 p.m. | 15 views

CVE-2020-26838

SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with high developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It i...

CVSS 9.1 | AI score 9.4 | EPSS 0.02153
Exploits 0 | References 2
CNNVD
added 2020/12/09 12:00 a.m. | 5 views

TOTOLINK A3002RU Command Injection Vulnerability

The TOTOLINK A3002RU is a wireless router from TOTOLINK of Taiwan, China. A command injection vulnerability exists in the TOTOLINK A3002RU V2.0.0 B20190814.1034 that allows a remote, authenticated user to modify the system's "run command". An attacker can use this vulnerability t...

CVSS 9 | AI score 7.7 | EPSS 0.04232
Exploits 1 | References 3
Positive Technologies
added 2020/12/09 12:00 a.m. | 8 views

PT-2020-16101 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 2.0.0 B20190814.1034 Description: The issue allows authenticated remote users to modify the system's 'Run Command'. An attacker can use this functionality to execute arbitrary OS commands on the router. Recommendation...

CVSS 9 | AI score 9.9 | EPSS 0.04232
Exploits 1 | References 12
BDU FSTEC
added 2020/12/03 12:00 a.m. | 5 views

A vulnerability in the subscription subsystem of Cisco AsyncOS allows an attacker to escalate privileges.

The vulnerability in the subscription subsystem of Cisco AsyncOS stems from improper neutralization of special elements used in an operating system command. Exploiting this vulnerability can allow an attacker to escalate their privileges...

CVSS 6.8 | AI score 6.2 | EPSS 0.00788
Exploits 0 | References 2 | Affected Software 1
CNVD
added 2020/11/19 12:00 a.m. | 1 view

TP-Link TL-WPA4220 Arbitrary OS Command Execution Vulnerability

The TP-Link TL-WPA4220 is a 300Mbps AV600 Wi-Fi powerline extender. An arbitrary OS command execution vulnerability exists in httpd in the TP-Link TL-WPA4220. A remote authenticated user can exploit this vulnerability to execute arbitrary OS commands by sending a specially crafted POST request to...

CVSS 9 | AI score 7.8 | EPSS 0.0361
Exploits 1 | References 1
CNVD
added 2020/11/19 12:00 a.m. | 4 views

Trend Micro InterScan Web Security Virtual Appliance Command Injection Vulnerability

Trend Micro InterScan Web Security Virtual Appliance (IWSVA) is a web security gateway from Trend Micro that provides dynamic, integrated protection for enterprise networks against web-based threats. A command injection vulnerability exists in AddVLANItem in Trend Micro InterScan Web...

CVSS 9 | AI score 8.1 | EPSS 0.44549
Exploits 1 | References 1
BDU FSTEC
added 2020/11/18 12:00 a.m. | 5 views

A vulnerability in the web interface of the Cisco Integrated Management Controller, a remote management controller for servers, allows an attacker to execute arbitrary operating system commands.

The vulnerability in the remote-management web interface of the Cisco Integrated Management Controller stems from improper neutralization of special elements used in an operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary...

CVSS 6.5 | AI score 8 | EPSS 0.01845
Exploits 0 | References 2
CNVD
added 2020/11/12 12:00 a.m. | 3 views

SAP NetWeaver AS JAVA Command Execution Vulnerability (CNVD-2020-62998)

SAP NetWeaver is a service-oriented integrated application platform from the German company SAP. The platform provides a development and runtime environment for SAP applications. A security vulnerability exists in SAP NetWeaver AS JAVA versions 7.20, 7.30, 7.31, 7.40, and 7.50 that allows an...

CVSS 9.1 | AI score 7.6 | EPSS 0.03864
Exploits 0 | References 1
RedHat Linux
added 2020/11/04 1:23 a.m. | 3 views

vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode

A flaw was found in vim in the restricted mode, where all commands that make use of external shells are disabled. However, it was found that users could still execute some arbitrary OS commands in the restricted mode. This flaw was fixed by filtering the functions that can call OS commands...

CVSS 5.3 | AI score 7 | EPSS 0.00488
Exploits 0 | References 4
ATTACKERKB
added 2020/10/30 12:00 a.m. | 75 views

CVE-2020-7373

vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widgettabbedcontainertabpanel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. ALSO NOTE: CVE-2020-7373 is a duplicate of CVE-2020-17496. CVE-2020-17496 is...

CVSS 9.8 | AI score 3.7 | EPSS 0.99728
Exploits 29 | References 5
OSV
added 2020/10/20 10:15 p.m. | 1 view

CVE-2020-5791

Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache user...

CVSS 7.2 | AI score 7.2 | EPSS 0.78632
Exploits 7 | References 3
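Added example, not code from any of the listed advisories or vendors: the "improper neutralization of special elements used in an OS command" (CWE-78) flaw that the Nagios XI entry above names, and that the FSTEC Cisco entries describe in other words, reduced to a vulnerable Python request handler beside its hardened form. The ping feature, the host parameter, the allowlist regex and the INJECTED marker are hypothetical and constructed for this illustration; echo stands in for the real binary so the block runs offline and shows exactly where the attacker's second command lands.

```python
"""Added example (not from any advisory on this page): CWE-78 OS command
injection in a hypothetical 'ping a host' web feature, vulnerable form beside
two fixes. `echo` replaces the real ping binary so nothing touches the network."""
import re
import shlex
import subprocess
from typing import List

# Constructed attacker input: a plausible host followed by a second command.
INJECTED_HOST = "127.0.0.1; echo INJECTED"

# Hypothetical allowlist: hostname or IPv4 literal, no shell metacharacters.
_HOST_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?$")


def is_valid_host(host: str) -> bool:
    """Positive validation: only allowlisted characters, never a denylist."""
    return _HOST_RE.fullmatch(host) is not None


def ping_vulnerable(host: str) -> List[str]:
    """Vulnerable: the parameter is interpolated into a command line that
    /bin/sh parses, so ';', '|', '&', '$()' and backticks are honoured and the
    attacker's trailing command runs. Returns the lines the shell printed."""
    cmd = f"echo ping -c 1 {host}"  # a real handler would run 'ping -c 1 ...'
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True, check=False)
    return out.stdout.splitlines()


def ping_hardened(host: str) -> List[str]:
    """Hardened: validate against the allowlist, then execute with an argv list
    and no shell. The value reaches the program as exactly one argument."""
    if not is_valid_host(host):
        raise ValueError(f"rejected host parameter: {host!r}")
    out = subprocess.run(["echo", "ping", "-c", "1", host],
                         capture_output=True, text=True, check=False)
    return out.stdout.splitlines()


def ping_quoted(host: str) -> List[str]:
    """Fallback when a shell is unavoidable (pipes, redirects): shlex.quote
    turns the value into a single literal word. Weaker than an argv list
    because one missed call site reopens the hole."""
    cmd = f"echo ping -c 1 {shlex.quote(host)}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True, check=False)
    return out.stdout.splitlines()


if __name__ == "__main__":
    print("vulnerable:", ping_vulnerable(INJECTED_HOST))   # two lines, second is INJECTED
    print("quoted    :", ping_quoted(INJECTED_HOST))       # one line, payload inert
    try:
        ping_hardened(INJECTED_HOST)
    except ValueError as err:
        print("hardened  :", err)                          # rejected before execution
    print("hardened  :", ping_hardened("127.0.0.1"))
```

The vulnerable handler prints a second line, INJECTED, because the shell ran the attacker's command; the quoted form prints the whole payload as one inert argument; the hardened form refuses the input before anything executes. When reviewing a fix for one of the advisories above, look for the argv-list change, not just a quoting or filtering change.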
CNVD
added 2020/10/16 12:00 a.m. | 1 view

Command Execution Vulnerability in Tianqing Security Isolation and Information Exchange System (CNVD-2020-60067)

The Tianqing Security Isolation and Information Exchange System is an access-control device built on network-isolation technology, independently developed by Beijing Qixingchen Information Technology Co., Ltd., that provides high-security isolation for key data. A command execution...

AI score 7.6
Exploits 0
OSV
added 2020/10/15 2:15 a.m. | 3 views

CVE-2020-6364

SAP Solution Manager and SAP Focused Run update provided in WILYINTROENTERPRISE 9.7, 10.1, 10.5, 10.7, allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise Manager, leading to Code Injection...

CVSS 10 | AI score 7.3 | EPSS 0.06408
Exploits 0 | References 4
BDU FSTEC
added 2020/10/14 12:00 a.m. | 2 views

A vulnerability in the device controller of the Cisco Data Center Network Manager (DCNM) allows an attacker to execute arbitrary operating system commands.

The vulnerability in the DCNM device dispatcher stems from improper neutralization of special elements used in an operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands remotely...

CVSS 6.5 | AI score 7.9 | EPSS 0.01019
Exploits 0 | References 2