13288 matches found
CVE-2026-12374
Improper certificate validation and a time-of-check time-of-use TOCTOU race condition in the PrivilegedHelperTool XPC service in Cato Client before v.5.13.1 on macOS allows a local authenticated attacker to escalate privileges to root via a self-signed certificate that bypasses the XPC caller...
EUVD-2026-40844
Storage Concentrator SC & SCVM contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization,...
PT-2026-54917
Name of the Vulnerable Software and Affected Versions Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 affected versions not specified Description An unauthenticated OS command injection exists in the commuos web backend. Network-adjacent attackers can execute arbitrary shell commands by...
CVE-2026-56415
Storage Concentrator SC & SCVM contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization,...
CVE-2026-56413
Storage Concentrator SC & SCVM contains a command injection vulnerability in the msservice.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a...
CVE-2026-56415
The vulnerability CVE-2026-56415 affects the Storage Concentrator (SC & SCVM). The issue is a command injection in the debug.pl script that is reachable without authentication. A remote attacker can send a crafted HTTP request containing a malicious payload which is processed without proper input...
CVE-2025-7406
Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative local admin privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute...
EUVD-2025-210371
Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative local admin privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute...
CVE-2025-7406
CVE-2025-7406 affects Nokia MantaRay NM. A local privilege escalation allows an admin with local privileges to gain root access, yielding root filesystem control and full actions as root. Mitigation mentioned: temporarily restrict the set of commands permitted via sudo for affected accounts. No s...
CVE-2025-7406 A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM
Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative local admin privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute...
PT-2026-54437
Name of the Vulnerable Software and Affected Versions Storage Concentrator SC & SCVM affected versions not specified Description Command injection exists in the ms service.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An...
PT-2026-54438
Name of the Vulnerable Software and Affected Versions Storage Concentrator SC & SCVM affected versions not specified Description An unauthenticated remote attacker can execute arbitrary commands with root-level privileges on the underlying system. This occurs because the debug.pl script processes...
CVE-2026-34594
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, an authenticated command injection vulnerability in the Destination Network Management functionality allows users with destination management permissions to execute arbitra...
CVE-2026-34594 Coolify: Authenticated Remote Code Execution via Command Injection in Destination Network Management
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, an authenticated command injection vulnerability in the Destination Network Management functionality allows users with destination management permissions to execute arbitra...
CVE-2026-58000
luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, contains a command injection vulnerability in the generateKey ubus method where the clmeta parameter is interpolated into a shell command without proper escaping or quoting. An authenticated LuCI user with OpenVPN protocol configuration...
CVE-2026-57999
luci-app-tailscale-community contains a command injection vulnerability in the tailscale.dologin RPC method that allows authenticated users to execute arbitrary commands as root. The vulnerability exists because user-controlled loginserver and loginserverauthkey parameters are improperly quoted...
EUVD-2026-40171
luci-app-tailscale-community contains a command injection vulnerability in the tailscale.dologin RPC method that allows authenticated users to execute arbitrary commands as root. The vulnerability exists because user-controlled loginserver and loginserverauthkey parameters are improperly quoted...
CVE-2026-58000 luci-proto-openvpn - Command Injection via cl_meta Parameter in generateKey
luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, contains a command injection vulnerability in the generateKey ubus method where the clmeta parameter is interpolated into a shell command without proper escaping or quoting. An authenticated LuCI user with OpenVPN protocol configuration...
CVE-2026-57999 luci-app-tailscale-community - Command Injection via tailscale.do_login RPC
luci-app-tailscale-community contains a command injection vulnerability in the tailscale.dologin RPC method that allows authenticated users to execute arbitrary commands as root. The vulnerability exists because user-controlled loginserver and loginserverauthkey parameters are improperly quoted...
CVE-2026-58000 luci-proto-openvpn - Command Injection via cl_meta Parameter in generateKey
luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, contains a command injection vulnerability in the generateKey ubus method where the clmeta parameter is interpolated into a shell command without proper escaping or quoting. An authenticated LuCI user with OpenVPN protocol configuration...