Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. A security vulnerability exists in Juniper Networks Junos OS Evolved that stems from a user control key bypass authorization vulnerability that allows a local authenticated attacker with shell access to take...

Exploit for Code Injection in Extron Smp_111_Firmware

!alt texthttps://github.com/layer8secure/extron-smp-inject/bl...

Simple College Website 1.0 Shell Upload

============================================================================================================================================= | Title : Simple College Website 1.0 code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0...

PT-2024-7151 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions prior to 21.2R3-S8-EVO Juniper Networks Junos OS Evolved versions from 21.4-EVO prior to 21.4R3-S8-EVO Juniper Networks Junos OS Evolved versions from 22.2-EVO prior to 22.2R3-S4-EVO Juniper Networks...

CVE-2024-7756

A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell...

CVE-2024-42025

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers Linux with UniFi Network Application Version 8.3.32 and earlier allows a malicious actor with unifi user shell access to escalate privileges to root on the host device...

Ubiquiti UniFi Network 安全漏洞

Ubiquiti UniFi Network is a wireless network management software solution from Ubiquiti, Inc. It is used to set up and manage UniFi Network devices. A security vulnerability exists in Ubiquiti UniFi Network version 8.3.32 and prior versions, which stems from the presence of a command injection...

CVE-2024-44667

Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2v1.0.1557.15.35P0 is vulnerable to Incorrect Access Control. Unauthenticated factory mode reset and command injection leads to information exposure and root shell access...

PT-2024-31203 · Shenzhen Haichangxing Technology Co. · Hcx H822 4G Lte Router

Name of the Vulnerable Software and Affected Versions: Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router version M7628NNxISPxUIv2 v1.0.1557.15.35 P0 Description: The issue is related to Incorrect Access Control, allowing unauthenticated factory mode reset and command injection. Thi...

CVE-2024-44667

Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2v1.0.1557.15.35P0 is vulnerable to Incorrect Access Control. Unauthenticated factory mode reset and command injection leads to information exposure and root shell access...

CVE-2024-44667

CVE-2024-44667 affects Shenzhen Haichangxing HCX H822 4G LTE Router (M7628NNxISPxUIv2_v1.0.1557.15.35_P0). The vulnerability is Incorrect Access Control that allows unauthenticated factory mode reset and command injection, leading to information exposure and potential root shell access. Public so...

CVE-2024-44667

Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2v1.0.1557.15.35P0 is vulnerable to Incorrect Access Control. Unauthenticated factory mode reset and command injection leads to information exposure and root shell access...

Exploit for Special Element Injection in Google Android

!python-static-badgehttps://img.shields.io/badge/Python-blue?...

CVE-2024-38877

A vulnerability has been identified in Omnivise T3000 Application Server R9.2 All versions, Omnivise T3000 Domain Controller R9.2 All versions, Omnivise T3000 Network Intrusion Detection System NIDS R9.2 All versions, Omnivise T3000 Product Data Management PDM R9.2 All versions, Omnivise T3000 R8...

CVE-2024-31970

AdTran SRG 834-5 HDC17600021F1 devices with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1 have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with...

PT-2024-5332 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions 2.6.0 through 2.11.6 Argo CD versions 2.7.0 through 2.10.15 Argo CD versions 2.8.0 through 2.9.20 Description: The issue is related to the Argo CD web terminal, which allows users to get a shell inside a running pod. When the...

PT-2024-39061

Name of the Vulnerable Software and Affected Versions: VICIdial affected versions not specified Description: The issue allows an attacker with authenticated access as an "agent" to execute arbitrary shell commands as the "root" user. This can potentially be chained with other exploits to achieve...

PT-2024-10392

Name of the Vulnerable Software and Affected Versions Edimax AC1200 Wi-Fi 5 Dual-Band router BR-6476AC version 1.06 Description The issue is related to command injection problems in /bin/goahead, which can be triggered through API endpoints such as "/goform/tracerouteDiagnosis",...

Backdrop CMS 1.27.1 Remote Command Execution

Exploit Title: Backdrop CMS 1.27.1 - Remote Command Execution RCE Date: 04/27/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.27.1/backdrop.zip Version: latest Tested on: MacOS import os impor...

CVE-2024-31486

A vulnerability has been identified in OPUPI0 AMQP/MQTT All versions V5.30. The affected devices stores MQTT client passwords without sufficient protection on the devices. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss...