Lucene search
K

450 matches found

OSV
OSV
added 2017/11/28 7:29 a.m.4 views

CVE-2017-8020

An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server...

9.8CVSS6.3AI score0.04211EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2017/11/01 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-12847

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been exploited in the wild...

9.8CVSS7.6AI score0.28986EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2017/09/22 12:0 a.m.6 views

The vulnerability of the Screensavercc component in the eLux RP operating system allows a hacker to execute arbitrary commands with root privileges.

The vulnerability of the Screensavercc component in the eLux RP operating system is related to the lack of measures to protect input data. Exploiting this vulnerability allows a malicious actor to bypass configuration restrictions and execute arbitrary commands with root privileges by inserting...

10CVSS8.1AI score0.02356EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/09/22 12:0 a.m.5 views

The vulnerability of the bpserverd protocol used by Unitrends Backup software allows a perpetrator to bypass authentication procedures or execute arbitrary commands with root privileges.

The vulnerability of the bpserverd protocol used by Unitrends Backup software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process or execute arbitrary commands with root privileges, using the xinetd...

10CVSS8.1AI score0.68217EPSS
Exploits9References2Affected Software1
CNVD
CNVD
added 2017/08/02 12:0 a.m.3 views

Trend Micro Deep Discovery Director Hard-Coded Archive File Password Vulnerability

Trend Micro Deep Discovery is a protection product from Trend Micro that detects and identifies hard-to-find threats in real time and proposes solutions. director is one of the built-in solutions with the ability to update and upgrade various programs in Deep Discovery. A security vulnerability...

9.8CVSS7.3AI score0.01464EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/07 12:0 a.m.1 views

Cisco IOS XR Local Elevation of Privilege Vulnerability

Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. An elevation of privilege vulnerability exists in Cisco IOS XR that allows a local user to execute arbitrary operating system commands as root by leveraging administrator privileges...

7CVSS7.2AI score0.00318EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/05 12:0 a.m.6 views

EMC VNX2 OE for File and VNX1 OE for File Local Elevation of Privilege Vulnerability

The EMC VNX2 OE for File and VNX1 OE for File are file storage devices from EMC Corporation USA. A security vulnerability exists in EMC VNX2 OE for File and VNX1 OE for File, which can be exploited by a local attacker to submit a special request to execute arbitrary commands with root privileges...

7.8CVSS7.4AI score0.00308EPSS
Exploits0References1
OSV
OSV
added 2017/07/03 4:29 p.m.7 views

CVE-2017-8116

The management interface for the Teltonika RUT9XX routers aka LuCI with firmware 00.03.265 and earlier allows remote attackers to execute arbitrary commands with root privileges via shell metacharacters in the username parameter in a login request...

9.8CVSS6AI score0.04519EPSS
Exploits1References3
CNVD
CNVD
added 2017/06/09 12:0 a.m.5 views

Remote Command Injection Vulnerability at Foscam camera Add User

FOSCAM Group is a national high-tech enterprise specializing in the design, research and development, manufacturing and sales of network cameras, network video recorders and other products. Remote command injection vulnerability exists in the usrName parameter of the CGIProxy.fcgi addAccount...

8.2AI score
Exploits0References1
Prion
Prion
added 2017/05/09 9:29 p.m.16 views

Design/Logic Flaw

In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root...

10CVSS9.7AI score0.02556EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/05/09 9:29 p.m.3 views

CVE-2017-8859

In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root...

9.8CVSS6AI score0.02556EPSS
Exploits0References2
CNVD
CNVD
added 2017/02/24 12:0 a.m.2 views

GPG Suite Arbitrary Command Execution Vulnerability

GPG Suite is an iOS-based encryption and decryption suite for communication security. A security vulnerability exists in the 'installPackage' function of the installerHelper subcomponent in versions of GPG Suite prior to 2015.06. A local attacker can exploit the vulnerability to execute arbitrary...

7.8CVSS7.4AI score0.00645EPSS
Exploits1References1
CNVD
CNVD
added 2016/10/12 12:0 a.m.2 views

Authentication Command Injection Vulnerability in PwdGrp.cgi for AVTECH Devices

AVTECH, founded in 1996, is one of the world's leading CCTV manufacturers. The main products are surveillance equipment, network cameras, network video recorders and so on. An authentication command injection vulnerability exists in AVTECH device PwdGrp.cgi. The PwdGrp.cgi script can be used to...

8.6AI score
Exploits0References1
OSV
OSV
added 2016/09/21 2:25 p.m.3 views

CVE-2016-4965

Fortinet FortiWan formerly AscernLink before 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosiscontrol.php...

8.8CVSS6AI score0.04115EPSS
Exploits0References4
CNVD
CNVD
added 2016/08/24 12:0 a.m.7 views

Bihu's uRouter Wireless Router Has Multiple Vulnerabilities

Bihu uRouter Wireless Router is an enterprise-grade intelligent routing product manufactured and marketed by Bihu Technology in China. Multiple vulnerabilities exist in the Bihu uRouter. An unauthenticated attacker can bypass the system authentication mechanism by providing a random SID cookie...

7.9AI score
Exploits0References1
Packet Storm
Packet Storm
added 2016/07/27 12:0 a.m.35 views

Iris ID IrisAccess ICU 7000-2 Remote Root Command Execution

i? Iris ID IrisAccess ICU 7000-2 Remote Root Command Execution Vendor: Iris ID, Inc. Product web page: http://www.irisid.com http://www.irisid.com/productssolutions/hardwareproducts/icu-7000-2/ Affected version: ICU Software: 1.00.08 ICU OS: 1.3.8 ICU File system: 1.3.8 EIF Firmware Channel 1: 1....

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2015/11/19 12:0 a.m.52 views

F5 iControl - 'iCall::Script' Root Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit3 "http://schemas.xmlsoap.org/soap/encoding/" STRINGATTRS = 'xsi:type' = 'urn:Common.StringSequence',...

9CVSS7AI score0.68483EPSS
Exploits5
CNVD
CNVD
added 2015/10/03 12:0 a.m.4 views

RSA Web Threat Detection Elevation of Privilege Vulnerability

RSA Web Threat Detection is a big data and security analytics solution. A security vulnerability exists in RSA Web Threat Detection that could be exploited by a local attacker to inject special commands into a configuration file to execute arbitrary system commands with ROOT privileges...

7.2CVSS7.3AI score0.00519EPSS
Exploits0References1
Metasploit
Metasploit
added 2015/09/25 4:37 p.m.50 views

Watchguard XCS FixCorruptMail Local Privilege Escalation

This module exploits a vulnerability in the Watchguard XCS 'FixCorruptMail' script called by root's crontab which can be exploited to run a command as root within 3 minutes. This module requires Metasploit: https://metasploit.com/download Current source:...

0.2AI score
Exploits0
CNVD
CNVD
added 2015/08/25 12:0 a.m.5 views

Red Hat OpenShift Enterprise Arbitrary Command Execution Vulnerability

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that builds, tests, deploys, and runs applications.OpenShift Enterprise is an open source version of the private cloud. A security vulnerability exists in Red Hat OpenShift Enterprise version 3.0.0.0 tha...

8.5CVSS7.7AI score0.0269EPSS
Exploits0References1
Rows per page
Query Builder