EMC RecoverPoint and EMC RecoverPoint for Virtual Machines Command Injection Vulnerability (CNVD-2018-04836)

EMC RecoverPoint is a disaster recovery solution from EMC Corporation. The solution provides local and remote hypervisor-based replication, continuous data protection by virtual machine recovery to any point in time, automated disaster recovery process orchestration, etc. EMC RecoverPoint for...

CVE-2018-1185

An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Admin CLI may allow a malicious user with admin privileges to escape from the restricted...

CVE-2018-1185

An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Admin CLI may allow a malicious user with admin privileges to escape from the restricted...

CERIO 11nbg 2.4Ghz High Power Wireless Router (pekcmd) Rootshell Backdoors

Summary CERIO's DT-300N A4 eXtreme Power 11n 2.4Ghz 2x2 High Power Wireless Access Point with built-in 10dBi patch antennas and also supports broadband wireless routing. DT-300N A4's wireless High Power design enhances the range and stability of the device's wireless signal in office and home...

CVE-2017-12261

A vulnerability in the restricted shell of the Cisco Identity Services Engine ISE that is accessible via SSH could allow an authenticated, local attacker to run arbitrary CLI commands with elevated privileges. The vulnerability is due to incomplete input validation of the user input for CLI...

Input validation

A vulnerability in the restricted shell of the Cisco Identity Services Engine ISE that is accessible via SSH could allow an authenticated, local attacker to run arbitrary CLI commands with elevated privileges. The vulnerability is due to incomplete input validation of the user input for CLI...

CVE-2017-12261

A vulnerability in the restricted shell of the Cisco Identity Services Engine ISE that is accessible via SSH could allow an authenticated, local attacker to run arbitrary CLI commands with elevated privileges. The vulnerability is due to incomplete input validation of the user input for CLI...

Elevation of Privilege Vulnerability in Multiple Cisco Products

Cisco Identity Services Engine ISE is an identity-based environment awareness platform ISE Identity Services Engine from Cisco. The platform oversees the network by collecting real-time information from the network, users, and devices, and developing and enforcing appropriate policies.ISE Express...

Cisco Identity Services Engine Privilege Escalation Vulnerability

A vulnerability in the restricted shell of the Cisco Identity Services Engine ISE that is accessible via SSH could allow an authenticated, local attacker to run arbitrary CLI commands with elevated privileges. The vulnerability is due to incomplete input validation of the user input for CLI...

CVE-2017-14331

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...

Authentication flaw

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...

CVE-2017-14331

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...

CVE-2017-14331

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...

Extreme EXOS Security Bypass Vulnerability

Extreme EXOS is a new generation modular switch operating system from Extreme Networks. A security bypass vulnerability exists in Extreme EXOS versions 16.x, 21.x, and 22.x. The vulnerability can be exploited to bypass the 'exsh restricted shell' protection mechanism and gain access to the...

Command injection

The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command...

CVE-2017-11321

The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command...

CVE-2017-11321

The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command...

CVE-2017-11321

The CVE-2017-11321 issue affects UCOPIA Wireless Appliance (pre-5.1.8) where the restricted shell interface allows remote authenticated users to escalate to admin privileges by exploiting shell metacharacters in the less command. Affected component: restricted shell via less; root cause: improper...

UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape

CVE-2017-11321 UCOPIA Wireless Appliance You can also retrieve the IP address of the outgoing interface. For this, you need to log in to the terminal of the virtual machine with the following username and password: admin/bhu85tgb, and then execute the interface command. By logging in within these...

CVE-2017-12255

A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerability. An attacker could exploit this...