454 matches found
CVE-2021-31581
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...
CVE-2021-31580
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...
Design/Logic Flaw
By abusing the 'install rpm url' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0...
CVE-2021-3540
CVE-2021-3540 affects Ivanti MobileIron Core. The flaw allows escaping the restricted clish shell via the install rpm info detail command, effectively a clish argument-injection vulnerability. Consequence is elevated/possibly complete impact on confidentiality, integrity, and availability per NVD...
IBM Power HMC Elevation of Privilege Vulnerability
IBM Power HMC is a set of graphical interface software for configuring and managing the Power System family of servers from IBM in the United States. The software is primarily used to manage hardware such as servers. IBM Power HMC has an elevation of privilege vulnerability that could be exploite...
CVE-2021-29707
IBM HMC Hardware Management Console V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 200879...
Code injection
IBM HMC Hardware Management Console V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 200879...
CVE-2021-29707
IBM HMC Hardware Management Console V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 200879...
OS Command Injection
rssh is vulnerable to OS command injection. Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...
Bugs Lurking in Cisco UC Provisioning Platform
The Akkadian Provisioning Manager, which is used as a third-party provisioning tool within Cisco Unified Communications environments, has three high-severity security vulnerabilities that can be chained together to enable remote code execution RCE with elevated privileges, researchers said. They...
Cisco ADE-OS Local File Inclusion (cisco-sa-ade-xcvAQEOZ)
According to its self-reported version, Cisco Identity Services Engine Software is affected by a local file inclusion vulnerability. A vulnerability in the restricted shell of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to identify directories and write arbitra...
CVE-2021-1306
A vulnerability in the restricted shell of Cisco Evolved Programmable Network EPN Manager, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system. This vulnerability is du...
CVE-2021-1306 Cisco ADE-OS Local File Inclusion Vulnerability
A vulnerability in the restricted shell of Cisco Evolved Programmable Network EPN Manager, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system. This vulnerability is du...
bash: BASH_CMD is writable in restricted bash shells
rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASHCMDS, thus allowing the user to execute any command with the permissions of the shell...
VyOS restricted-shell Escape / Privilege Escalation Exploit
This Metasploit module exploits command injection vulnerabilities and an insecure default sudo configuration on VyOS versions 1.0.0 through 1.1.8 to execute arbitrary system commands as root. VyOS features a restricted-shell system shell intended for use by low privilege users with operator...
VyOS restricted-shell Escape and Privilege Escalation
This module exploits command injection vulnerabilities and an insecure default sudo configuration on VyOS versions 1.0.0 use exploit/linux/ssh/vyosrestrictedshellprivesc msf exploitvyosrestrictedshellprivesc show targets ...targets... msf exploitvyosrestrictedshellprivesc set TARGET msf...
CVE-2020-24045
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The restricted shell can be bypassed by presenting a fake vmware-tools ISO image to the guest virtual...
CVE-2020-24045
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The restricted shell can be bypassed by presenting a fake vmware-tools ISO image to the guest virtual...
CVE-2020-24045
CVE-2020-24045 affects TitanHQ SpamTitan Gateway 7.07. The vulnerability arises from a sandbox escape in the restricted admin shell: when a fake VMware Tools ISO image is mounted in the guest VM, and the hidden VMware Tools install path vmware-freebsd-tools/vmware-tools-distrib/vmware-install.pl ...
CVE-2020-3151
A vulnerability in the CLI of Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to bypass restrictions on the CLI. The vulnerability is due to insufficient security mechanisms in the restricted shell implementation. An attacker cou...