454 matches found
EUVD-2023-24300
Malicious code in bioql PyPI...
EUVD-2023-47487
Malicious code in bioql PyPI...
EUVD-2023-24301
Malicious code in bioql PyPI...
EUVD-2025-20791
Malicious code in bioql PyPI...
EUVD-2021-6773
Malicious code in bioql PyPI...
Eaton NMC G2 安全漏洞
Eaton NMC G2 is a network management card from Eaton Corporation USA. A security vulnerability exists in the Eaton NMC G2 that originates from a privileged attacker being able to modify the contents of non-sensitive files via path traversal in a CLI restricted shell...
CVE-2025-50753
Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell.The command "deviceinfo show file" is supposed to be used from restricted shell to show files and directories. By providing " /bin/sh" quotes included to the argument of this command will drop a...
CVE-2025-50753
Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell.The command "deviceinfo show file" is supposed to be used from restricted shell to show files and directories. By providing " /bin/sh" quotes included to the argument of this command will drop a...
CVE-2025-50753
Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell.The command "deviceinfo show file" is supposed to be used from restricted shell to show files and directories. By providing " /bin/sh" quotes included to the argument of this command will drop a...
CVE-2025-50753
The CVE-2025-50753 entry concerns Mitrastar GPT-2741GNAC-N2 home gateway devices. Affected software exposes SSH access into a restricted default shell, and the command deviceinfo show file is meant for this shell. Supplying the string /bin/sh (with quotes) as the argument to this command can drop...
CVE-2025-27027
A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions...
CVE-2025-27027 Restricted shell evasion in Radiflow iSAP Smart Collector
A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions...
CVE-2025-27027
CVE-2025-27027 concerns Radiflow iSAP Smart Collector. Multiple connected sources describe a scenario where a user with vpuser credentials who opens an SSH connection can escape rbash restrictions and obtain a full-featured Linux shell. The root cause, as stated in PT-2025-28859, involves bypassi...
CVE-2025-27027 Restricted shell evasion in Radiflow iSAP Smart Collector
A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions...
Radiflow iSAP Smart Collector 安全漏洞
Radiflow iSAP Smart Collector is a remote traffic collection and forwarding appliance designed for industrial networks from Radiflow USA. A security vulnerability exists in the Radiflow iSAP Smart Collector that stems from bypassing the rbash restriction and could lead to obtaining the full Linux...
CVE-2023-33235
MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrar...
CVE-2021-37471
Cradlepoint IBR900-600 devices running versions 7.21.10 are vulnerable to a restricted shell escape sequence that provides an attacker the capability to simultaneously deny availability to the device's NetCloud Manager console, local console and SSH command-line...
CVE-2021-27796
A vulnerability in Brocade Fabric OS versions before Brocade Fabric OS v8.0.1b, v7.4.1d could allow an authenticated attacker within the restricted shell environment rbash as either the “user” or “factory” account, to read the contents of any file on the filesystem utilizing one of a few availabl...
CVE-2017-7722
In SolarWinds Log & Event Manager LEM before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" the default username and password. By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the...
CVE-2022-46412
An issue was discovered in Veritas NetBackup Flex Scale through 3.0. A non-privileged user may escape a restricted shell and execute privileged commands...