969 matches found
CVE-2024-36445
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication...
CVE-2024-36445
CVE-2024-36445 affects Swissphone DiCal-RED 4009 devices, where an unauthenticated TELNET access path permits a remote attacker to obtain a root shell. The advisory and linked sources describe a missing-authentication vulnerability (CWE-306) in the DiCal-RED 4009 module, with the CVSSv3.1 vector ...
PT-2024-27005 · Swissphone · Swissphone Dical-Red 4009
Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 devices affected versions not specified Description: The issue allows a remote attacker to gain a root shell via TELNET without authentication. Recommendations: At the moment, there is no information about a newer...
CVE-2024-36445
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication...
CVE-2024-36445
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication...
CVE-2022-27486
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1...
CVE-2024-41692 Incorrect Access Control Vulnerability
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system. Successful exploitation of this...
CVE-2024-41692 Incorrect Access Control Vulnerability
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system. Successful exploitation of this...
PT-2024-29513 · Syrotech · Sy-Gpon-1110-Wdont Router
Name of the Vulnerable Software and Affected Versions: SyroTech SY-GPON-1110-WDONT Router affected versions not specified Description: The issue exists due to the presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit...
Exploit for Code Injection in Vmware Cloud_Foundation
CVE-2024-22274 Exploit This repository contains an exploit fo...
Exploit for Code Injection in Vmware Cloud_Foundation
CVE-2024-22274 - Run and input host ip, port, username and p...
Openmediavault Remote Code Execution / Local Privilege Escalation Exploit
Openmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting the root shell. As a result of exploiting the vulnerability, authenticated web-admin users can run commands with root privileges and receive revers...
Ray OS v2.6.3 - Command Injection RCE(Unauthorized)
Exploit Title: Ray OS v2.6.3 - Command Injection RCEUnauthorized Description: The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system...
CVE-2024-28354
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb%d.username in the apply.cgi interface, thereby gaining root shell privileges...
CVE-2024-28354
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb%d.username in the apply.cgi interface, thereby gaining root shell privileges...
CVE-2024-28353
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.config.smbadminname in the apply.cgi interface, thereby gaining root shell privileges...
TRENDnet TEW-827DRU Security Vulnerability
The TRENDnet TEW-827DRU is a wireless router from TRENDnet. A security vulnerability exists in firmware version 2.10B01 of the TRENDnet TEW-827DRU, which stems from the presence of a command injection vulnerability that could allow an attacker to gain root shell privileges via command injection...
CVE-2024-28354
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb%d.username in the apply.cgi interface, thereby gaining root shell privileges...
CVE-2024-28353
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.config.smbadminname in the apply.cgi interface, thereby gaining root shell privileges...
CVE-2024-28353
CVE-2024-28353 affects the TRENDnet TEW-827DRU router (firmware 2.10B01). The issue is a command injection in the apply.cgi interface where an attacker can inject commands through the post parameter usapps.config.smb_admin_name, potentially gaining root shell privileges. Connected sources confirm...