CVE-2023-31425

A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. Starting with Fabric OS v9.1.0, “root” account access is...

Veritas Technologies Veritas NetBackup 安全漏洞

Veritas Technologies Veritas NetBackup is a powerful enterprise-class data backup management software from Veritas Technologies, USA. A security vulnerability exists in the Veritas NetBackup Appliance prior to version 4.1.0.1 MR3, which stems from an insecure privilege setting that could allow an...

CVE-2023-33235

MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrar...

CVE-2023-33235

MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrar...

Cisco Identity Services Engine Path Traversal Vulnerability (cisco-sa-ise-traversal-ZTUgMYhu) (CSCwd07350)

According to its self-reported version, Cisco Identity Services Engine Path Traversal Vulnerabilities is affected by a path traversal vulnerability. A vulnerability in the CLI of Cisco ISE could allow an authenticated, local attacker to perform a path traversal attack to escape the restricted she...

PT-2025-54258

Name of the Vulnerable Software and Affected Versions Anevia Flamingo XL version 3.2.9 Description A flaw exists in Anevia Flamingo XL 3.2.9 that allows remote attackers to bypass the sandboxed environment using the traceroute command. Exploitation of the traceroute command enables attackers to...

Cisco Prime Infrastructure Command Injection (cisco-sa-adeos-MLAyEcvk)

According to its self-reported version, Cisco Prime Infrastructure Software is affected by a command injection vulnerability. This could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. Note that Nessus has not test...

CVE-2023-20121

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager EPNM, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating...

CVE-2023-20121

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager EPNM, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating...

CVE-2023-20122

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager EPNM, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating...

Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager EPNM, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating...

CVE-2023-20121 Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager EPNM, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating...

CVE-2023-20121 Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager EPNM, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating...

ASKEY RTF3505VW-N1 - Privilege Escalation Exploit

Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...

ASKEY RTF3505VW-N1 - Privilege Escalation

Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Date: 07-12-2022 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...

Riello UPS Restricted Shell Bypass Vulnerability

Riello UPS systems can have their restricted configuration shell bypassed to gain full underlying operating system access. I. VULNERABILITY ------------------------- Riello UPS systems allow to easily escape the configuration shell and get access to the operating system II. VENDOR...

Riello UPS Restricted Shell Bypass

I. VULNERABILITY ------------------------- Riello UPS systems allow to easily escape the configuration shell and get access to the operating system II. VENDOR ------------------------- Riello https://www.riello-ups.es/ III. DESCRIPTION ------------------------- Riello UPS systems allow SSH access...

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2023-1502)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2023-1907 · Unknown · Mxsecurity

Name of the Vulnerable Software and Affected Versions: MXsecurity version 1.0 Description: The issue is related to a command injection vulnerability in the SSH CLI program of MXsecurity. This vulnerability can be exploited by attackers who have gained authorization privileges, allowing them to...

K19707805: glibc vulnerability CVE-2017-15804

Security Advisory Description The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27 contains a buffer overflow during unescaping of user names with the operator. CVE-2017-15804 Impact BIG-IP, BIG-IQ, F5 iWorkflow, Enterprise Manager, LineRate, and ARX There is no impact;...