314 matches found
CVE-2023-46687
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer...
CVE-2023-49254
Authenticated user can execute arbitrary commands in the context of the root user by providing payload in the "destination" field of the network test tools. This is similar to the vulnerability CVE-2021-28151 mitigated on the user interface level by blacklisting characters with JavaScript, howeve...
CVE-2022-39818
In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system...
CVE-2023-20063
A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense FTD Software and devices that are running Cisco Firepower Management FMC Software could allow an authenticated, local attacker to execute arbitrary commands with root...
CVE-2023-36618
Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users...
CVE-2023-20017
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities. These...
PT-2023-4520 · Cisco · Cisco Intersight Private Virtual Appliance
Name of the Vulnerable Software and Affected Versions: Cisco Intersight Private Virtual Appliance affected versions not specified Description: The issue is due to insufficient input validation when extracting uploaded software packages, allowing an authenticated, remote attacker with Administrato...
PT-2023-4522 · Cisco · Cisco Intersight Private Virtual Appliance
Name of the Vulnerable Software and Affected Versions: Cisco Intersight Private Virtual Appliance affected versions not specified Description: The issue is due to insufficient input validation when extracting uploaded software packages, allowing an authenticated, remote attacker with Administrato...
CVE-2023-38997
A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive...
PT-2023-25869 · Casaos · Casaos
Name of the Vulnerable Software and Affected Versions: CasaOS versions prior to 0.4.4 Description: CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification, an unauthenticated attacker can execute arbitrary commands as root on CasaOS instances. The problem was...
CVE-2021-4406
An authenticated attacker is able to create alerts that trigger a stored XSS attack. POC go to the alert manager open the ITSM tab add a webhook with the URL/service token value ' -h && id | tee /tmp/ttttttddddssss ' whitespaces are tab characters click add click apply create a test alert The tes...
PT-2023-8202 · Opnsense · Opnsense
Name of the Vulnerable Software and Affected Versions: OPNsense Community Edition versions prior to 23.7 OPNsense Business Edition versions prior to 23.4.2 Description: A directory traversal vulnerability exists in the Captive Portal templates of OPNsense, allowing attackers to execute arbitrary...
WAVLINK WL-WN531AX2 安全漏洞
The WAVLINK WL-WN531AX2 is a wireless router from the Chinese company WAVLINK. A security vulnerability exists in WAVLINK WL-WN531AX2 versions prior to 2023526, which originates from allowing a logged in user to execute operating system commands with root privileges...
WAVLINK WL-WN531AX2 代码问题漏洞
The WAVLINK WL-WN531AX2 is a wireless router from the Chinese company WAVLINK. The WAVLINK WL-WN531AX2 suffers from a code issue vulnerability that stems from the presence of a file upload vulnerability. An attacker can exploit this vulnerability to upload arbitrary files and execute system...
CVE-2023-33869
Enphase Envoy versions D7.0.88 is vulnerable to a command injection exploit that may allow an attacker to execute root commands...
Command injection
Enphase Envoy versions D7.0.88 is vulnerable to a command injection exploit that may allow an attacker to execute root commands...
CVE-2023-33869 Enphase Envoy OS Command Injection
Enphase Envoy versions D7.0.88 is vulnerable to a command injection exploit that may allow an attacker to execute root commands...
CVE-2023-33294
An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctwebserver binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns...
CVE-2023-33294
An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctwebserver binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns...
Cisco DNA Center 安全漏洞
Cisco DNA Center is a network management and command center service from Cisco USA. Cisco DNA Center is vulnerable to an authorization issue. The vulnerability stems from improper authorization of API requests and can be exploited by an authenticated, remote attacker to read information from a...