Microsoft Azure 操作系统命令注入漏洞

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft Corporation USA. An operating system command injection vulnerability exists in Microsoft Azure CLI versions prior to 2.40.0, which originates from a host running Azure CLI commands where the parameter...

XXL-JOB 操作系统命令注入漏洞

XXL-JOB is a distributed task scheduling platform based on java language from XU Xueli XXL-JOB community. XXL-JOB version 2.2.0 suffers from an operating system command injection vulnerability, which stems from a command execution vulnerability in a background task...

PT-2022-6313 · Dell · Dell Container Storage Modules

Name of the Vulnerable Software and Affected Versions: Dell Container Storage Modules version 1.2 Description: The issue is related to an OS Command Injection in the goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this, leading to modification of intended OS command...

Hitachi RAID Manager SRA 操作系统命令注入漏洞

Hitachi RAID Manager SRA is a storage replication adapter software from Hitachi, Japan. A security vulnerability exists in Hitachi RAID Manager Storage Replication Adapter that originates from it allowing remote authenticated users to execute arbitrary OS commands via OS command injection...

RPi-Jukebox-RFID 操作系统命令注入漏洞

RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developers at Micz Flor in Germany. It plays audio files, playlists, podcasts, web streams and spotify triggered by the RFID card. An operating system command injection vulnerability exists in RPi-Jukebox-RFID...

Microsoft VSCode Extension 操作系统命令注入漏洞

Microsoft VSCode Extension is an extension for VSCode from Microsoft Corporation USA. An operating system command injection vulnerability exists in Microsoft VSCode Extension vscode-gitops-tools versions 0.7.0 through 0.20.2, which originates from a specially crafted Flux object in the context of...

TCL LinkHub Mesh Wi-Fi 操作系统命令注入漏洞

TCL LinkHub Mesh Wi-Fi is a router from TCL. An OS command injection vulnerability exists in TCL LinkHub Mesh Wi-Fi MS1G0001.0014 version, which stems from an os command injection vulnerability in the confsrv ucloudaddnewnode function. An attacker could exploit this vulnerability by sending...

Dell EMC PowerStore 操作系统命令注入漏洞

Dell EMC PowerStore is a storage device from Dell, Inc. A security vulnerability exists in Dell EMC PowerStore versions prior to 3.0.0.0, which stems from an operating system command injection vulnerability contained in the PowerStore T environment, which could be exploited by a...

mailcow 操作系统命令注入漏洞

mailcow is a mail server suite. An operating system command injection vulnerability exists in versions prior to mailcow 2022-06a that originates from the ability to execute arbitrary code by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutno...

Fortinet FortiManager和FortiAnalyzer 操作系统命令注入漏洞

Fortinet FortiManager and Fortinet FortiAnalyzer are both products from Fortinet, Inc. Fortinet FortiManager is a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can be grouped into different management domains...

Marval MSM 操作系统命令注入漏洞

Marval MSM is an innovative IT service management software from Marval UK. A security vulnerability exists in Marval MSM version v14.19.0.12476, which stems from insecure handling of VBScript, resulting in vulnerability to operating system command injection...

CVE-2022-30329

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands...

CVE-2022-30329

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands...

Google-it 操作系统命令注入漏洞

Google-it is a simple library for converting Google search results to JSON output, and will soon offer interactive display options. A security vulnerability exists in Google-it version 1.6.2 and earlier, which stems from the fact that it allows its users to send a search query to Google and recei...

CVE-2022-29539

resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software e.g.,...

InHand Networks InRouter302 操作系统命令注入漏洞

InHand Networks InRouter Series is a series of routers from InHand Networks, Inc. InHand Networks InRouter302 version V3.5.37 contains an operating system command injection vulnerability that can be exploited by attackers to cause arbitrary command execution...

CVE-2022-29592

Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via setroute called by doSystemCmdroute...

Yokogawa Electric和Yokogawa Electric CENTUM VP 操作系统操作系统命令注入漏洞

Yokogawa Electric is a server from Yokogawa, Japan.Yokogawa Electric CENTUM VP is a CENTUM distributed control system from Yokogawa Electric, Japan. Setting high standards for engineering and technical excellence while ensuring backward compatibility with previous system versions and support for...

UIC-DATA ONU4FERW 命令注入漏洞

C-DATA ONU4FERW is used for data management.C-DATA ONU4FERW is vulnerable to OS command injection, which can be exploited by attackers to execute arbitrary commands via the FormImportomCashell function...

GHSA-4V9W-PVWR-38H3 OS Command Injection in strong-nginx-controller

strong-nginx-controller through 1.0.2 is vulnerable to Command Injection. It allows execution of arbitrary command as part of the 'nginxCmd' function...