cups security update

1:2.3.3op2-31 - RHEL-60343 CVE-2024-47175 cups: remote command injection via attacker controlled data in PPD file...

CVE-2024-52739

CVE-2024-52739 affects the D-LINK DI-8400 router with firmware v16.07.26A1. The issue is multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function, exploitable via the flag and cmd parameters due to improper handling. The documented impact is remote arbitrary command ex...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

CVE-2024-51151

CVE-2024-51151 affects the D-Link DI-8200 with firmware 16.07.26A1. The vulnerability is a remote command execution in the msp_info_htm function, exploitable via the flag parameter and the cmd parameter. The connected documents consistently describe this issue as a command injection/remotely expl...

PT-2024-8579 · D Link · D-Link Di-8400

Name of the Vulnerable Software and Affected Versions: D-LINK DI-8400 version 16.07.26A1 Description: The issue is related to the msp info htm function in the D-LINK DI-8400 router's firmware, which does not properly neutralize special elements used in a command. This can be exploited by a remote...

The vulnerability in the `usb_remote_smb_conf.cgi` script of NETGEAR R8500 router software allows a hacker to execute arbitrary commands.

The vulnerability in the usbremotesmbconf.cgi script of NETGEAR R8500 router microprogramming software lies in the lack of measures to neutralize special elements used in the operating system’s command when processing the sharename parameter. Exploiting this vulnerability allows a remote attacker...

The vulnerability in the ap_mode.cgi script of NETGEAR’s router microprogramming devices R8500, XR300, R7000P, and R6400 v2 allows a hacker to execute arbitrary commands.

The vulnerability of the apmode.cgi script in NETGEAR’s router microprogramming devices such as R8500, XR300, R7000P, and R6400 v2 lies in the lack of measures to neutralize special elements used in the operating system’s commands when processing the apmodegateway parameter. Exploiting this...

The vulnerability of the ccmdebug_m() function in the microprogramming software for the Annke Crater 2 (F300) camera allows a intruder to execute arbitrary commands.

The vulnerability of the ccmdebugm function in the Annke Crater 2 F300 IP camera software lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending a...

CVE-2024-51503

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to...

CVE-2024-51503

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to...

CVE-2024-51503

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to...

The vulnerability in the genie_dyn.cgi script of the Netgear XR300 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability in the geniedyn.cgi script of the Netgear XR300 router software lies in the lack of measures to neutralize special elements used in the operating system’s command when processing the parameter systemname. Exploiting this vulnerability allows a remote attacker to execute arbitrar...

The vulnerability of the set_ap_map_config() function in the mainfunction.cgi script of the DrayTek Vigor 3900, Vigor 2960, and Vigor 300B router microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the setapmapconfig function in the mainfunction.cgi script of the DrayTek Vigor 3900, Vigor 2960, and Vigor 300B routers relates to the failure to eliminate the and & elements used in the operating system’s command when processing the action parameter. Exploiting this...

The vulnerability in the genie_fix2.cgi microprogramming software for Netgear XR300, R7000P, and R6400 v2 allows a hacker to execute arbitrary commands.

The vulnerability of the geniefix2.cgi microprogramming software for Netgear XR300, R7000P, and R6400 v2 lies in the lack of measures taken to neutralize special elements used in the operating system’s commands when processing the wangateway parameter. Exploiting this vulnerability allows a remot...

The vulnerability in the genie_fix2.cgi microprogramming software of Netgear R8500’s routers allows a hacker to execute arbitrary commands.

The vulnerability of the geniefix2.cgi microprogramming software for Netgear R8500 routers lies in the lack of measures to neutralize special elements used in the operating system’s commands when processing the wangateway parameter. Exploiting this vulnerability allows a remote attacker to execut...

The vulnerability of the wiz_fix2.cgi script of the Netgear R8500 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the wizfix2.cgi microprogramming software for Netgear R8500 routers lies in the lack of measures to neutralize special elements used in the operating system’s commands when processing the wangateway parameter. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability of the doOpenVPN() function in the mainfunction.cgi script of the DrayTek Vigor 3900, Vigor 2960, and Vigor 300B routers allows a hacker to execute arbitrary commands.

The vulnerability of the doOpenVPN function in the mainfunction.cgi script of the DrayTek Vigor 3900, Vigor 2960, and Vigor 300B routers is related to the failure to eliminate the and & elements used in the operating system’s command when processing the action parameter. Exploiting this...

The vulnerability of the SSH and Telnet protocol implementations of the D-Link DSL6740C modem’s microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of SSH and Telnet protocols implemented by the microprogramming software of the D-Link DSL6740C modem lies in the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability of the SSH and Telnet protocol implementations of the D-Link DSL6740C modem’s microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of SSH and Telnet protocols implemented by the microprogramming software of the D-Link DSL6740C modem lies in the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability of Geovision GV-VS12, GV-VS11, GV-DSP LPR V3, GVLX 4, and GVLX 4 IP video server microprogramming systems arises from the failure to eliminate special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands.

The vulnerability of Geovision GV-VS12, GV-VS11, GV-DSP LPR V3, GVLX 4, and GVLX 4 microprogrammed software for IP video servers is related to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor ...