CVE-2021-34722 Cisco IOS XR Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details sectio...

CVE-2021-34722 Cisco IOS XR Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details sectio...

CVE-2021-34721 Cisco IOS XR Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details sectio...

CVE-2021-34721 Cisco IOS XR Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details sectio...

Cisco IOS XR Software Command Injection Vulnerability (CNVD-2021-102364)

Cisco IOS XR Software is an operating system developed by Cisco for its network devices.Cisco IOS XR Software is vulnerable to a command injection vulnerability that could be exploited to access the underlying root shell of the affected device and execute arbitrary commands with root privileges...

Cisco IOS XR Software Command Injection Vulnerability

A command injection vulnerability exists in the CLI of Cisco IOS XR Software, a unique self-healing and self-defending operating system that not only supports 24x7 operations, but also allows for continuous expansion and addition of new services or features. The vulnerability stems from a program...

Cisco IOS XR Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Introduction This repository was created f...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 ============= Sudo before 1.9.5p2 contains an off...

Akkadian Provisioning Manager 信任管理问题漏洞

Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. A trust management issue vulnerability exists in Akkadian Provisioning Manager Engine PME that allows an unauthorized attacker to have root-level shell access t...

Akkadian Provisioning Manager 安全漏洞

Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. A security vulnerability exists in the Akkadian Provisioning Manager Engine PME that allows an unauthorized attacker to have root-level shell access to affected...

NETGEAR WAC104身份验证绕过漏洞(CVE-2021-35973)

Summary: Affected Model: NETGEAR WAC104 Dual Band 802.11ac Wireless Access Point Firmware Version: V1.0.4.13 from 2020-09-14 NETGEAR WAC104 Access Point has multiple vulnerabilities which - chained together - allow an attacker in LAN to both change device admin's password, and gain root shell on...

Okta Access Gateway 2020.5.5 Authenticated Remote Root Vulnerability

Okta Access Gateway v2020.5.5 Post-Auth Remote Root RCE CVE-2021-28113 ======= Details ======= There are two command injection bugs can that be triggered after authenticating to the web UI. Since the injection occurs when a script is executed with sudo, the commands are ran with root privileges...

Acronis: Acronis True Image Local Privilege Escalation Due To Race Condition In Application Verification

Summary The Acronis True Image application has a SUID binary "Acronis True Image" that starts another binary "console" in the same directory. The SUID binary does some checks on "console" before it is run to make sure the correct binary is being run. By using a hardlink to the SUID binary we can...

Exploit for Off-by-one Error in Sudo_Project Sudo

Baron Samedit - Sudo CVE 2021-3156 PoC...

Traitor - Automatic Linux Privesc Via Exploitation Of Low-Hanging Fruit E.G. GTFOBin

Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy! Traitor packages up a bunch of methods to exploit local misconfigurations and vulnerabilities including most of GTFOBins in order to pop a root shell. It'll exploit most sudo privileges listed in...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...

CVE-2020-12519

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges...

Command Execution Vulnerability in EasyGate Easy Gateway of Ruijie Networks Co.

EasyGate hereinafter referred to as RG-EG is a multi-service integrated gateway product launched by Ruijie Networks to solve the current network egress problems. A command execution vulnerability exists in the EasyGate Easy Gateway of Ruijie Networks Corporation, which can be exploited by an...

Exploit for OS Command Injection in Webmin

CVE-2019–15107 - Unauthenticated RCE Webmin =1.920 This...