19630 matches found
CVE-2023-45249
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.0.1-61, Acronis Cyber Infrastructure ACI before build 5.1.1-71, Acronis Cyber Infrastructure ACI before build 5.2.1-69, Acronis Cyber Infrastructure ACI...
PT-2024-29288 · Hewlett Packard · Hpe Aruba Networking Edgeconnect Sd-Wan Gateway
Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking EdgeConnect SD-WAN gateway affected versions not specified Description: A vulnerability exists in the Command Line Interface of the HPE Aruba Networking EdgeConnect SD-WAN gateway, allowing remote authenticated users to r...
The vulnerability of the application component for managing the lifecycle of mobile devices and mobile applications, Ivanti Endpoint Manager Mobile (EPMM) (formerly MobileIron Core), allows a perpetrator to execute arbitrary commands in the basic operating system.
The vulnerability of the Ivanti Endpoint Manager Mobile EPMM web component for managing the lifecycle of mobile devices and applications formerly known as MobileIron Core is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute...
The vulnerability of the application component for managing the lifecycle of mobile devices and mobile applications, Ivanti Endpoint Manager Mobile (EPMM) (formerly MobileIron Core), allows a perpetrator to execute arbitrary commands in the basic operating system.
The vulnerability of the Ivanti Endpoint Manager Mobile EPMM web component for managing the lifecycle of mobile devices and mobile applications formerly known as MobileIron Core is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor t...
The vulnerability of the formWriteFacMac function in the microprogramming software for wireless Wi-Fi routers Tenda W30E allows a hacker to execute arbitrary commands.
The vulnerability of the formWriteFacMac function in the Tenda W30E wireless Wi-Fi router software exists due to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the microprogrammed software in video surveillance systems GeoVision GV-DSP, GV-IPCAMD, GV-VS, and GVLX 4 exists due to the lack of measures taken to neutralize special elements used in the operating system commands. This vulnerability allows attackers to execute arbitrary commands.
The vulnerability of the microprogramming software used in video surveillance systems GeoVision GV-DSP, GV-IPCAMD, GV-VS, and GVLX 4 exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote...
The vulnerability of the SINEMA Remote Connect VPN service, related to the lack of data cleansing at the management level, allows a perpetrator to execute arbitrary codes.
The vulnerability of the SINEMA Remote Connect VPN service lies in the lack of data cleansing measures at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands with root privileges...
The vulnerability of the web interface of the microprogrammed software for Netis MW5360 allows a hacker to execute arbitrary commands.
The vulnerability of the web interface of Netis MW5360 microprogrammed software routers lies in the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands during the processing of the password parameter...
Progress Kemp LoadMaster Remote Command Execution
Progress Kemp LoadMaster versions 7.2.48.1 7.2.59.2 / 7.2.48.1 7.2.54.8 and 7.2.48.1 7.2.48.10 is affected by a vulnerability allowing an unauthenticated attacker to execute remote commands via a specially forged request. No source data...
The vulnerability of the proc_open() function in the PHP interpreter allows attackers to execute arbitrary commands.
The vulnerability of the procopen function in the PHP programming language exists because measures to neutralize the special elements used in operating system commands have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the microprogrammed software of TP-Link Wi-Fi routers such as Archer AX3000, Archer AXE75, Archer AX5400, Archer Air R5, and Archer AXE5400 exists due to the failure to address the issue of eliminating specific components used in the operating system. This vulnerability allows a perpetrator to execute arbitrary commands.
The vulnerability of TP-Link Wi-Fi routers such as Archer AX3000, Archer AXE75, Archer AX5400, Archer Air R5, and Archer AXE5400 exists due to the lack of measures taken to neutralize specific components used in the operating system. Exploiting this vulnerability allows a remote attacker to execu...
Exploit for Unrestricted Upload of File with Dangerous Type in Pluck-Cms Pluck
CVE-2023-50564 PoC This repository contains a Proof of Con...
CVE-2024-39963
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution RCE vulnerability via the macFilterType parameter at /goform/setMacFilterCfg...
CVE-2024-39963
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution RCE vulnerability via the macFilterType parameter at /goform/setMacFilterCfg...
Broadcom Symantec Privileged Access Management File Upload Vulnerability
Broadcom Symantec Privileged Access Management Broadcom Symantec PAM is a security software from Broadcom, Inc. It helps prevent security breaches by protecting sensitive administrative credentials, controlling privileged user access, proactively enforcing security policies, and monitoring and...
Broadcom Symantec Privileged Access Management Code Injection Vulnerability
Broadcom Symantec Privileged Access Management Broadcom Symantec PAM is a security software from Broadcom, Inc. It helps prevent security breaches by protecting sensitive administrative credentials, controlling privileged user access, proactively enforcing security policies, and monitoring and...
Broadcom Symantec Privileged Access Management Input Validation Error Vulnerability
Broadcom Symantec Privileged Access Management Broadcom Symantec PAM is a security software from Broadcom, Inc. It helps prevent security breaches by protecting sensitive administrative credentials, controlling privileged user access, proactively enforcing security policies, and monitoring and...
CVE-2024-39963
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution RCE vulnerability via the macFilterType parameter at /goform/setMacFilterCfg...
CVE-2024-39963
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution RCE vulnerability via the macFilterType parameter at /goform/setMacFilterCfg...
The vulnerability of the UserScriptHumster class in the SolarWinds Access Rights Manager (ARM) access control software allows a perpetrator to execute arbitrary commands.
The vulnerability of the UserScriptHumster class in the SolarWinds Access Rights Manager ARM access control software is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands remotely...