19643 matches found
CVE-2024-27175 Local File Inclusion
Remote Command program allows an attacker to read any file using a Local File Inclusion vulnerability. An attacker can read any file on the printer. As for the affected products/models/versions, see the reference URL...
CVE-2024-27175
CVE-2024-27175 affects Toshiba e-STUDIO/MFP devices, where a Local File Inclusion vulnerability allows an attacker to read arbitrary files on the printer via unsafely processed input. The root cause is insufficient validation of filename input, enabling information disclosure via the device UI or...
CVE-2024-27174 insecure upload
Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this...
CVE-2024-27174
CVE-2024-27174 affects Toshiba multi-function printers (e.g., Toshiba e-STUDIO/MFP family) via the Remote Command program, enabling remote code execution. Root cause involves the Remote Command component allowing untrusted input to trigger code execution; impact includes full confidentiality, int...
EUVD-2024-24413
Remote Command program allows an attacker to get Remote Code Execution. As for the affected products/models/versions, see the reference URL...
CVE-2024-27172 Remote Code Execution
Remote Command program allows an attacker to get Remote Code Execution. As for the affected products/models/versions, see the reference URL...
CVE-2024-27172 Remote Code Execution
Remote Command program allows an attacker to get Remote Code Execution. As for the affected products/models/versions, see the reference URL...
CVE-2024-27172
CVE-2024-27172 affects Toshiba printers/MFPs (notably e‑STUDIO family) via the Remote Command program. The root cause is an OS Command Injection (CWE-78) affecting the Remote Command functionality, which can lead to arbitrary code execution (RCE) when an attacker can access the device. Public ref...
CVE-2024-27143
Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be executed in combination...
PT-2024-21709 · Unknown · Remote Command
Name of the Vulnerable Software and Affected Versions: Remote Command program affected versions not specified Description: The issue allows an attacker to read any file on the printer using a Local File Inclusion vulnerability. This enables unauthorized access to sensitive information stored on t...
PT-2024-4209
Name of the Vulnerable Software and Affected Versions ASUS routers affected versions not specified Description The issue concerns an arbitrary firmware upload vulnerability in certain ASUS router models. This vulnerability can be exploited by an unauthenticated remote attacker to execute arbitrar...
Rocky Linux 8 : pcp (RLSA-2024:3264)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3264 advisory. pcp: exposure of the redis server backend allows remote command execution via pmproxy CVE-2024-3019 Tenable has extracted the preceding description block directl...
The vulnerability of the NTPSyncWithHost() function in TOTOLINK LR350 router microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the NTPSyncWithHost function in TOTOLINK LR350 router microprogramming devices is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands through the hosttime parameter...
PT-2024-21707
Name of the Vulnerable Software and Affected Versions Toshiba Tec Remote Command program affected versions not specified Description The issue allows an attacker to achieve Remote Code Execution by overwriting existing Python files that contain executable code. This can be difficult to execute...
PT-2024-21708 · Toshiba · Toshiba Tec
Name of the Vulnerable Software and Affected Versions: Toshiba Tec products affected versions not specified Description: The issue allows an attacker to achieve Remote Code Execution through the Remote Command program. This can be executed in combination with other vulnerabilities, making it...
PT-2024-21706 · Unknown · Remote Command Program
Name of the Vulnerable Software and Affected Versions: Remote Command program affected versions not specified Description: The issue allows an attacker to achieve Remote Code Execution through the Remote Command program. Recommendations: At the moment, there is no information about a newer versio...
PT-2024-4394 · Ruijie · Ruijie Rg-Uac
Name of the Vulnerable Software and Affected Versions: Ruijie RG-UAC version 1.0 Description: A critical issue has been found in the function get ip addr details of the file /view/dhcp/dhcpConfig/commit.php. The manipulation of the argument ethname leads to os command injection. The attack may be...
The vulnerability of the LenelS2 NetBox access control and event monitoring system, related to the implementation or modification of arguments, allows a intruder to execute arbitrary commands.
The vulnerability of the LenelS2 NetBox access control and event monitoring system is related to the implementation or modification of arguments. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the Socket Library component in computer typesetting systems like LuaTeX, TeX Live, and MiKTeX allows attackers to execute arbitrary commands.
The vulnerability of the Socket Library component in computer typesetting systems using LuaTeX, TeX Live, and MiKTeX exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
Exploit for Command Injection in Mitel 6869I_Sip_Firmware
CVE A repository containing exploit code / zero-day research I...