451 matches found
Multiple vulnerabilities in Mubit Powered BLUE 870
Overview Powered BLUE 870 provided by Mubit co.,ltd. contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2025-54958 Path traversal CWE-22 - CVE-2025-54959 CVE-2025-54958 Yusuke SAKAI of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC...
CVE-2025-30098
Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an ...
DeepResearchAgent 命令注入漏洞
DeepResearchAgent is an open source application from Skywork. DeepResearchAgent has a command injection vulnerability that stems from the incorrect manipulation of parameters in the fromcode/fromdict/frommcp functions in the src/tools/tools.py file, which could lead to os command injection...
Kenwood DMX958XR 操作系统命令注入漏洞
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. An operating system command injection vulnerability exists in the Kenwood DMX958XR JKWifiService function, which can be exploited by an attacker to execute code in a root context...
CVE-2025-5243
Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in SMG Software Information Portal allows Code Injection, Upload a Web Shell to a Web Server, Code Inclusion. This issue affects Information...
CVE-2025-41673
A high privileged remote attacker can execute arbitrary system commands via POST requests in the sendsms action due to improper neutralization of special elements used in an OS command...
CVE-2025-7553
CVE-2025-7553 affects D-Link DIR-818LW firmware up to 20191215. The vulnerability is in the System Time Page, where manipulation of the NTP Server parameter allows os command injection. Exploitation is possible remotely, and the exploit has been disclosed publicly. The issue is associated with de...
Comodo Internet Security Premium 命令注入漏洞
Comodo Internet Security Premium is a suite of computer security software from Comodo, Inc. that focuses on Internet security. A command injection vulnerability exists in Comodo Internet Security Premium version 12.3.4.8162, which stems from incorrect manipulation of the parameter binary/params...
ZendTo 安全漏洞
ZendTo is a web-based file transfer system from ZendTo Inc. A security vulnerability exists in ZendTo 6.10-6 Beta and earlier versions, which stems from an os command injection due to the misbehavior of the parameter file1 in the file NSSDropoff.php...
OS Command Exec, Unix Command Shell, Bind TCP (via Ruby)
Execute an OS command from PHP. Continually listen for a connection and spawn a command shell via Ruby Module Options msf use payload/php/unix/cmd/bindruby msf payloadbindruby show actions ...actions... msf payloadbindruby set ACTION msf payloadbindruby show options ...show and set options... msf...
OS Command Exec, Unix Command Shell, Reverse TCP SSL (via Ruby)
Execute an OS command from PHP. Connect back and create a command shell via Ruby, uses SSL Module Options msf use payload/php/unix/cmd/reverserubyssl msf payloadreverserubyssl show actions ...actions... msf payloadreverserubyssl set ACTION msf payloadreverserubyssl show options ...show and set...
OS Command Exec, Unix Command Shell, Bind TCP (via Lua)
Execute an OS command from PHP. Listen for a connection and spawn a command shell via Lua Module Options msf use payload/php/unix/cmd/bindlua msf payloadbindlua show actions ...actions... msf payloadbindlua set ACTION msf payloadbindlua show options ...show and set options... msf payloadbindlua r...
OS Command Exec, Unix Command Shell, Bind TCP (via netcat)
Execute an OS command from PHP. Listen for a connection and spawn a command shell via netcat Module Options msf use payload/php/unix/cmd/bindnetcat msf payloadbindnetcat show actions ...actions... msf payloadbindnetcat set ACTION msf payloadbindnetcat show options ...show and set options... msf...
OS Command Exec, Unix Command Shell, Bind TCP (stub)
Execute an OS command from PHP. Listen for a connection and spawn a command shell stub only, no payload Module Options msf use payload/php/unix/cmd/bindstub msf payloadbindstub show actions ...actions... msf payloadbindstub set ACTION msf payloadbindstub show options ...show and set options... ms...
OS Command Exec, Unix Command Shell, Reverse TCP (via jjs)
Execute an OS command from PHP. Connect back and create a command shell via jjs Module Options msf use payload/php/unix/cmd/reversejjs msf payloadreversejjs show actions ...actions... msf payloadreversejjs set ACTION msf payloadreversejjs show options ...show and set options... msf...
OS Command Exec, Unix Command Shell, Reverse TCP (via Python)
Execute an OS command from PHP. Connect back and create a command shell via Python Module Options msf use payload/php/unix/cmd/reversepython msf payloadreversepython show actions ...actions... msf payloadreversepython set ACTION msf payloadreversepython show options ...show and set options... msf...
OS Command Exec, Unix Command Shell, Reverse UDP (via socat)
Execute an OS command from PHP. Creates an interactive shell via socat Module Options msf use payload/php/unix/cmd/reversesocatudp msf payloadreversesocatudp show actions ...actions... msf payloadreversesocatudp set ACTION msf payloadreversesocatudp show options ...show and set options... msf...
OS Command Exec, Add user with useradd
Execute an OS command from PHP. Creates a new user. By default the new user is set with sudo but other options exist to make the new user automatically root but this is not automatically set since the new user will be treated as root and login may be difficult. The new user can also be set as jus...
OS Command Exec, Unix Command Shell, Bind TCP (via jjs)
Execute an OS command from PHP. Listen for a connection and spawn a command shell via jjs Module Options msf use payload/php/unix/cmd/bindjjs msf payloadbindjjs show actions ...actions... msf payloadbindjjs set ACTION msf payloadbindjjs show options ...show and set options... msf payloadbindjjs r...
OS Command Exec, Unix Command Shell, Bind TCP (via perl) IPv6
Execute an OS command from PHP. Listen for a connection and spawn a command shell via perl Module Options msf use payload/php/unix/cmd/bindperlipv6 msf payloadbindperlipv6 show actions ...actions... msf payloadbindperlipv6 set ACTION msf payloadbindperlipv6 show options ...show and set options...