12 matches found
CVE-2021-41315
The Device42 Remote Collector before 17.05.01 does not sanitize user input in its SNMP Connectivity utility. This allows an authenticated attacker with access to the console application to execute arbitrary OS commands and escalate privileges...
EUVD-2021-28345
Malicious code in bioql PyPI...
EUVD-2021-28344
Malicious code in bioql PyPI...
CVE-2021-41315
The Device42 Remote Collector before 17.05.01 does not sanitize user input in its SNMP Connectivity utility. This allows an authenticated attacker with access to the console application to execute arbitrary OS commands and escalate privileges...
CVE-2021-41316
The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. An attacker with permissions to add or edit jobs run by this utility can inject an extra argument to overwrite arbitrary files as the root user on the Remote Collector...
CVE-2021-41315
The Device42 Remote Collector before 17.05.01 does not sanitize user input in its SNMP Connectivity utility. This allows an authenticated attacker with access to the console application to execute arbitrary OS commands and escalate privileges...
Design/Logic Flaw
The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. An attacker with permissions to add or edit jobs run by this utility can inject an extra argument to overwrite arbitrary files as the root user on the Remote Collector...
Design/Logic Flaw
The Device42 Remote Collector before 17.05.01 does not sanitize user input in its SNMP Connectivity utility. This allows an authenticated attacker with access to the console application to execute arbitrary OS commands and escalate privileges...
CVE-2021-41315
Device42 Remote Collector prior to version 17.05.01 is vulnerable to a command-injection in the SNMP Connectivity utility due to unsanitized user input. An authenticated attacker with access to the console application can execute arbitrary OS commands and escalate privileges. Remediation per conn...
CVE-2021-41316
The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. An attacker with permissions to add or edit jobs run by this utility can inject an extra argument to overwrite arbitrary files as the root user on the Remote Collector...
Device42 Remote Collector 操作系统命令注入漏洞
Device42 Remote Collector is a virtual appliance from Device42, Inc. that facilitates SNMP, IPMI, hypervisor, and other auto-discovery across a network, requiring only https access and no need to open a large number of ports across network segments. A security vulnerability exists in Device42...
Vulnerabilities fixed in VMware vRealize Operations Manager
There are two vulnerabilities in VMware vRealize Operations Manager. These vulnerabilities, if exploited, can lead to the execute arbitrary code with administrator privileges on the Application Remote Collector ARC and all virtual systems on which an ARC Telegraph agent is installed. VMWare has...