Sonicwall SRA 8.1.0.2-14sv gencsr.cgi Command Injection

Exploit Title: Sonicwall gencsr CGI Remote Command Injection Vulnerablity Date: 12/24/2016 Exploit Author: xort @ Critical Start Vendor Homepage: www.sonicwall.com Software Link: sonicwall.com/products/sra-virtual-appliance Version: 8.1.0.6-21sv Tested on: 8.1.0.2-14sv CVE : awaiting cve vuln:...

Netscaler SD-WAN 9.1.2.26.561201 - Command Injection (Metasploit)

Exploit Title: Citix SD-WAN logout cookie preauth Remote Command Injection Vulnerablity Date: 02/20/2017 Exploit Author: xort @ Critical Start Vendor Homepage: www.citrix.com Software Link: https://www.citrix.com/downloads/cloudbridge/ Version: 9.1.2.26.561201 Tested on: 9.1.2.26.561201 OS...

Barracuda Load Balancer Remote Command Injection Vulnerability

Barracuda Networks Load Balancer is an application delivery controller from Barracuda Networks. A remote command injection vulnerability exists in the Barracuda Networks Load Balancer using firmware version 6.0.1.006 and earlier, which stems from the deleteassessment command being issued while th...

Command injection

A remote command injection vulnerability exists in the Barracuda Load Balancer product line confirmed on v5.4.0.004 2015-11-26 and v6.0.1.006 2016-08-19; fixed in 6.1.0.003 2017-01-17 in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability...

CVE-2017-6320

A remote command injection vulnerability exists in the Barracuda Load Balancer product line confirmed on v5.4.0.004 2015-11-26 and v6.0.1.006 2016-08-19; fixed in 6.1.0.003 2017-01-17 in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability...

CVE-2017-6320

A remote command injection vulnerability exists in the Barracuda Load Balancer product line confirmed on v5.4.0.004 2015-11-26 and v6.0.1.006 2016-08-19; fixed in 6.1.0.003 2017-01-17 in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability...

CVE-2017-6320

Barracuda Load Balancer product line is affected by CVE-2017-6320. The flaw is a remote command-injection due to unsanitized data processed in a system call during the delete_assessment command, exploitable by an authenticated user to run arbitrary shell commands and gain root privileges. Affecte...

Sophos Web Appliance 4.3.0.2 - 'trafficType' Remote Command Injection (Metasploit)

Exploit Title: Sophos Web Appliance reporting JSON trafficType Remote Command Injection Vulnerablity Date: 01/28/2017 Exploit Author: xort @ Critical Start Vendor Homepage: www.sophos.com Software Link: sophos.com/en-us/products/secure-web-gateway.aspx Version: 4.3.0.2 Tested on: 4.3.0.2 CVE :...

Barracuda Load Balancer Firmware < 6.0.1.006 - Remote Command Injection (Metasploit)

Exploit Title: Barracuda Load Balancer Firmware 'Barracuda Load Balancer Firmware %q This module exploits a remote command execution vulnerability in the Barracuda Load Balancer Firmware Version = v6.0.1.006 2016-08-19 by exploiting a vulnerability in the web administration interface. By sending ...

Sophos Web Appliance 4.3.0.2 - trafficType Remote Command Injection (Metasploit)

Sophos Web Appliance 4.3.0.2 - trafficType Remote Command Injection Metasploit Exploit Title: Sophos Web Appliance reporting JSON trafficType Remote Command Injection Vulnerablity Date: 01/28/2017 Exploit Author: xort @ Critical Start Vendor Homepage: www.sophos.com Software Link:...

Sophos Web Appliance 4.3.0.2 - trafficType Remote Command Injection Exploit

Exploit for hardware platform in category web applications Exploit Title: Sophos Web Appliance reporting JSON trafficType Remote Command Injection Vulnerablity Date: 01/28/2017 Exploit Author: xort @ Critical Start Vendor Homepage: www.sophos.com Software Link:...

KDDI HOME SPOT CUBE WebUI Operating System Command Injection Vulnerability

KDDI HOME SPOT CUBE is a home wireless router product from KDDI Japan.WebUI is one of the graphical user interfaces. An operating system command injection vulnerability exists in the WebUI of the KDDI HOME SPOT CUBE2 using firmware version 101 and earlier. A remote attacker can exploit this...

Command injection

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

CVE-2017-9757

IPFire 2.19 contains a remote command injection vulnerability in the ids.cgi script via the OINKCODE parameter. The issue is triggered when the shell mishandles the input, allowing an attacker to execute commands. Exploitation can occur by authenticated users or via CSRF, according to CVE-2017-97...

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF. Recent assessments: h00die at March 25, 2020 12:10am UTC reported: Authentication is required,...

Sophos Web Appliance < 4.3.1 Multiple Remote Command Injection Vulnerabilities

According to its self-reported version number, the Sophos Web Appliance software running on the remote host is prior to 4.3.1. It is, therefore, affected by multiple vulnerabilities : - A remote command injection vulnerability exists in the web administration interface in the...

Remote Command Injection Vulnerability at Foscam camera Add User

FOSCAM Group is a national high-tech enterprise specializing in the design, research and development, manufacturing and sales of network cameras, network video recorders and other products. Remote command injection vulnerability exists in the usrName parameter of the CGIProxy.fcgi addAccount...