969 matches found
QEMU Root Shell Access Vulnerability
AMD ID: AMD-SB-3012 Potential Impact: Guest OS Root Shell Access from Malicious Host Severity: N/A Summary Researchers from the University of Tokyo shared with AMD a paper titled “A Root Shell Access Vulnerability in QEMU for AMD SEV-SNP Confidential Virtual Machines.” The research paper reports...
Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED)
The Lorex 2K Indoor Wi-Fi Security Camera is a consumer security device that provides cloud-based video camera surveillance capabilities. This device was a target at the 2024 Pwn2Own IoT competition. Rapid7 developed an unauthenticated remote code execution RCE exploit chain as an entry for the...
Injection Vulnerability in Multiple Siemens Products
SCALANCE M-800, MUM-800 and S615 and RUGGEDCOM RM1224 are industrial routers. An injection vulnerability exists in multiple Siemens products, which can be exploited by attackers to inject code or generate a system root shell...
CVE-2024-50572
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.2, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.2, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.2, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.2, SCALANCE...
CVE-2024-50572
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.2, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.2, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.2, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.2, SCALANCE...
CVE-2024-50572
CVE-2024-50572 affects Siemens industrial devices (e.g., RUGGEDCOM RM1224 LTE, SCALANCE M family, S615, and related models) where an input field is not properly sanitized. This allows an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. The ...
Siemens RUGGEDCOM和Siemens SCALANCE 命令注入漏洞
SCALANCE M-800, MUM-800 and S615 and RUGGEDCOM RM1224 are industrial routers. An injection vulnerability exists in multiple Siemens products, which can be exploited by attackers to inject code or generate a system root shell...
CVE-2024-8448
Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell...
CVE-2024-8448
Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell...
CVE-2024-8448 PLANET Technology switch devices - Remote privilege escalation using hard-coded credentials
Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell...
CVE-2024-8448
PLANET Technology switch models are affected by CVE-2024-8448 due to a hard-coded credential in the CLI, enabling remote attackers with regular privileges to login and obtain a Linux root shell. The vulnerability affects certain PLANET switches (specific models not publicly detailed in the source...
CVE-2024-8448 PLANET Technology switch devices - Remote privilege escalation using hard-coded credentials
Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell...
PT-2024-39018 · Planet Technology · Planet Technology Switch
Name of the Vulnerable Software and Affected Versions: PLANET Technology switch models affected versions not specified Description: The issue concerns a hard-coded credential in the command-line interface of certain switch models from PLANET Technology. This allows remote attackers with regular...
CVE-2024-44667
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2v1.0.1557.15.35P0 is vulnerable to Incorrect Access Control. Unauthenticated factory mode reset and command injection leads to information exposure and root shell access...
Exploit for Improper Privilege Management in Enlightenment
CVE-2022-37706 The CVE-2022-37706 vulnerability is relate...
PT-2024-31203 · Shenzhen Haichangxing Technology Co. · Hcx H822 4G Lte Router
Name of the Vulnerable Software and Affected Versions: Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router version M7628NNxISPxUIv2 v1.0.1557.15.35 P0 Description: The issue is related to Incorrect Access Control, allowing unauthenticated factory mode reset and command injection. Thi...
CVE-2024-44667
CVE-2024-44667 affects Shenzhen Haichangxing HCX H822 4G LTE Router (M7628NNxISPxUIv2_v1.0.1557.15.35_P0). The vulnerability is Incorrect Access Control that allows unauthenticated factory mode reset and command injection, leading to information exposure and potential root shell access. Public so...
CVE-2024-44667
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2v1.0.1557.15.35P0 is vulnerable to Incorrect Access Control. Unauthenticated factory mode reset and command injection leads to information exposure and root shell access...
CVE-2024-44667
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2v1.0.1557.15.35P0 is vulnerable to Incorrect Access Control. Unauthenticated factory mode reset and command injection leads to information exposure and root shell access...
Linux Kernel 5.6.13 Use-After-Free Exploit
Proof of concept exploit that uses a use-after-free vulnerability due to a race condition in MIDI devices in Linux Kernel version 5.6.13. // gcc -o exploit exploit.c -masm=intel -static -s -lpthread define GNUSOURCE include include include include include include include include include include...