19 matches found
PT-2026-22937
A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012-18853 and 027-58389 allows remote attackers to send a specially crafted UDP datagram and execute arbitrary shell code as the root account...
CVE-2025-8476
Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2023-39457
Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw...
Debian: Security Advisory (DLA-751-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Lewei Innovation Technology LW9621 缓冲区错误漏洞
The Lewei Innovation Technology LW9621 is a wireless video transmission module camera board from Lewei Innovation Technology China. A security vulnerability exists in the Lewei Innovation Technology LW9621 firmware version 2.0.10, which can be exploited to allow an attacker to remotely execute co...
Linear eMerge E3 1.00-06 Arbitrary File Upload Remote Root Code Execution
!/usr/bin/env python Linear eMerge E3 Arbitrary File Upload Remote Root Code Execution Affected version: \n" sys.exit ipaddr = sys.argv1 vremetodeneska = datetime.datetime.now print "Starting exploit at "+vremetodeneska.strftime"%d.%m.%Y %H:%M:%S" print while True: try: target =...
CVE-2019-7276
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console...
CVE-2019-7276
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console...
CVE-2019-7276
Optergy Proton/Enterprise BMS is affected by CVE-2019-7276: unauthenticated remote code execution via a backdoor console. Public details show an undocumented backdoor script (Console.jsp) in the tools directory that enables full root access on vulnerable versions (notably 2.0.3a and earlier). Exp...
WDMyCloud < 2.30.165 - Multiple Vulnerabilities
WDMyCloud Multiple Vulnerabilities Vendor: Western Digital Product: WDMyCloud Version: = 2.30.165 Website: https://www.wdc.com/products/network-attached-storage.html / / / / / / / / / / / / / / / / / / / / / \ / // / // / / / / / / / // / / / /,/// // /// // GulfTech Research and Development...
Palo Alto Networks Firewalls Remote Root Code Execution
Hello, This is a public advisory for CVE-2017-15944 which is a remote root code execution bug in Palo Alto Networks firewalls. Three separate bugs can be used together to remotely execute commands as root through the web management interface without authentication on: PAN-OS 6.1.18 and earlier,...
MySQL is now a high-risk vulnerability that can cause the server root permission is stealing-vulnerability warning-the black bar safety net
! Last week, a man named Dawid Golunski Polish hackers discovered the existence of the MySQL vulnerabilities: a remote root code execution exploit and a privilege escalation vulnerability. At the time, Golunski only provides the first vulnerability poc, but the commitment will disclose a second...
FreeBSD : mysql -- Remote Root Code Execution (856b88bf-7984-11e6-81e7-d050996490d0)
Dawid Golunski reports : An independent research has revealed multiple severe MySQL vulnerabilities. This advisory focuses on a critical vulnerability with a CVEID of CVE-2016-6662 which can allow attackers to remotely inject malicious settings into MySQL configuration files my.cnf leading to...
MySQL <= 5.7.15 remote Root code execution vulnerability
http://legalhackers.com - dawid at legalhackers.com - Release date: 12.09.2016 I. VULNERABILITY ------------------------- MySQL = 5.7.15 Remote Root Code Execution / Privilege Escalation 0day 5.6.33 5.5.52 MySQL clones are also affected, including: MariaDB PerconaDB II. BACKGROUND...
ALCASAR 2.8.1 Remote Root Code Execution
!/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8.1 Remote Root Code Execution Vulnerability Author: eF Date : 2014-09-12 URL : http://www.alcasar.net/ This is not a responsible disclosure coz' I have no sense of ethics and I don't give a fck. db 88 ,ad8888ba, db ad88888ba db 88888888ba d88b...
ALCASAR-Remote
By sending a specially crafted value in the "host" HTTP header, it is possible to inject the exec function in order to execute commands as Apache user. !/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8 Remote Root Code Execution Vulnerability Author: eF Date : 2014-02-10 db 88 ,ad8888ba, db...
FreeBSD 7.0-RELEASE Telnet Daemon Local Privilege Escalation Exploit
Exploit for freebsd platform in category local exploits ==================================================================== FreeBSD 7.0-RELEASE Telnet Daemon Local Privilege Escalation Exploit ==================================================================== FreeBSD 7.0-RELEASE telnet daemon...
Real Server/Helix Universal Server array overflow
Pointers array overflow leads to remote root code execution...
LPRng (RedHat 7.0) lpd Remote Root Format String Exploit
Exploit for linux platform in category remote exploits ======================================================== LPRng RedHat 7.0 lpd Remote Root Format String Exploit ======================================================== / Copyright c 2000 - Security.is The following material may be freely...