Lucene search
K

19643 matches found

Vulnrichment
Vulnrichment
added 2024/06/14 4:4 a.m.24 views

CVE-2024-27175 Local File Inclusion

Remote Command program allows an attacker to read any file using a Local File Inclusion vulnerability. An attacker can read any file on the printer. As for the affected products/models/versions, see the reference URL...

4.4CVSS6.9AI score0.00851EPSS
Exploits1References4
CVE
CVE
added 2024/06/14 4:4 a.m.54 views

CVE-2024-27175

CVE-2024-27175 affects Toshiba e-STUDIO/MFP devices, where a Local File Inclusion vulnerability allows an attacker to read arbitrary files on the printer via unsafely processed input. The root cause is insufficient validation of filename input, enabling information disclosure via the device UI or...

4.4CVSS5.2AI score0.00851EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/06/14 4:3 a.m.18 views

CVE-2024-27174 insecure upload

Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this...

9.8CVSS0.01635EPSS
Exploits1References4
CVE
CVE
added 2024/06/14 4:3 a.m.59 views

CVE-2024-27174

CVE-2024-27174 affects Toshiba multi-function printers (e.g., Toshiba e-STUDIO/MFP family) via the Remote Command program, enabling remote code execution. Root cause involves the Remote Command component allowing untrusted input to trigger code execution; impact includes full confidentiality, int...

9.8CVSS10AI score0.01635EPSS
Exploits1References4
EUVD
EUVD
added 2024/06/14 4:0 a.m.2 views

EUVD-2024-24413

Remote Command program allows an attacker to get Remote Code Execution. As for the affected products/models/versions, see the reference URL...

9.8CVSS6.9AI score0.26811EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/06/14 4:0 a.m.23 views

CVE-2024-27172 Remote Code Execution

Remote Command program allows an attacker to get Remote Code Execution. As for the affected products/models/versions, see the reference URL...

9.8CVSS7.4AI score0.26811EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/06/14 4:0 a.m.203 views

CVE-2024-27172 Remote Code Execution

Remote Command program allows an attacker to get Remote Code Execution. As for the affected products/models/versions, see the reference URL...

9.8CVSS0.26811EPSS
Exploits1References4
CVE
CVE
added 2024/06/14 4:0 a.m.70 views

CVE-2024-27172

CVE-2024-27172 affects Toshiba printers/MFPs (notably e‑STUDIO family) via the Remote Command program. The root cause is an OS Command Injection (CWE-78) affecting the Remote Command functionality, which can lead to arbitrary code execution (RCE) when an attacker can access the device. Public ref...

9.8CVSS9.8AI score0.26811EPSS
Exploits1References4
NVD
NVD
added 2024/06/14 3:15 a.m.19 views

CVE-2024-27143

Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be executed in combination...

9.8CVSS0.01097EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.4 views

PT-2024-21709 · Unknown · Remote Command

Name of the Vulnerable Software and Affected Versions: Remote Command program affected versions not specified Description: The issue allows an attacker to read any file on the printer using a Local File Inclusion vulnerability. This enables unauthorized access to sensitive information stored on t...

4.4CVSS6.2AI score0.00851EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.5 views

PT-2024-4209

Name of the Vulnerable Software and Affected Versions ASUS routers affected versions not specified Description The issue concerns an arbitrary firmware upload vulnerability in certain ASUS router models. This vulnerability can be exploited by an unauthenticated remote attacker to execute arbitrar...

9.8CVSS6.3AI score0.01031EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2024/06/14 12:0 a.m.15 views

Rocky Linux 8 : pcp (RLSA-2024:3264)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3264 advisory. pcp: exposure of the redis server backend allows remote command execution via pmproxy CVE-2024-3019 Tenable has extracted the preceding description block directl...

8.8CVSS7.3AI score0.01002EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/06/13 12:0 a.m.5 views

The vulnerability of the NTPSyncWithHost() function in TOTOLINK LR350 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the NTPSyncWithHost function in TOTOLINK LR350 router microprogramming devices is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands through the hosttime parameter...

5.8CVSS6AI score0.01386EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.7 views

PT-2024-21707

Name of the Vulnerable Software and Affected Versions Toshiba Tec Remote Command program affected versions not specified Description The issue allows an attacker to achieve Remote Code Execution by overwriting existing Python files that contain executable code. This can be difficult to execute...

9.8CVSS7.2AI score0.03166EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.4 views

PT-2024-21708 · Toshiba · Toshiba Tec

Name of the Vulnerable Software and Affected Versions: Toshiba Tec products affected versions not specified Description: The issue allows an attacker to achieve Remote Code Execution through the Remote Command program. This can be executed in combination with other vulnerabilities, making it...

9.8CVSS7.2AI score0.01635EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.5 views

PT-2024-21706 · Unknown · Remote Command Program

Name of the Vulnerable Software and Affected Versions: Remote Command program affected versions not specified Description: The issue allows an attacker to achieve Remote Code Execution through the Remote Command program. Recommendations: At the moment, there is no information about a newer versio...

9.8CVSS7.3AI score0.26811EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/06/11 12:0 a.m.3 views

PT-2024-4394 · Ruijie · Ruijie Rg-Uac

Name of the Vulnerable Software and Affected Versions: Ruijie RG-UAC version 1.0 Description: A critical issue has been found in the function get ip addr details of the file /view/dhcp/dhcpConfig/commit.php. The manipulation of the argument ethname leads to os command injection. The attack may be...

8.8CVSS7.1AI score0.09094EPSS
Exploits1References9
BDU FSTEC
BDU FSTEC
added 2024/06/07 12:0 a.m.11 views

The vulnerability of the LenelS2 NetBox access control and event monitoring system, related to the implementation or modification of arguments, allows a intruder to execute arbitrary commands.

The vulnerability of the LenelS2 NetBox access control and event monitoring system is related to the implementation or modification of arguments. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

9CVSS5.8AI score0.00519EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/06/04 12:0 a.m.6 views

The vulnerability of the Socket Library component in computer typesetting systems like LuaTeX, TeX Live, and MiKTeX allows attackers to execute arbitrary commands.

The vulnerability of the Socket Library component in computer typesetting systems using LuaTeX, TeX Live, and MiKTeX exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS6.2AI score0.0037EPSS
Exploits1References11Affected Software4
GithubExploit
GithubExploit
added 2024/06/03 12:42 a.m.91 views

Exploit for Command Injection in Mitel 6869I_Sip_Firmware

CVE A repository containing exploit code / zero-day research I...

8.8CVSS7.6AI score0.4161EPSS
Exploits5
Rows per page
Query Builder