Citrix SD-WAN 信任管理问题漏洞

Citrix SD-WAN is a networking product from Citrix, Inc. It virtualizes and optimizes enterprise site-to-site networks. A security vulnerability exists in Citrix SD-WAN that stems from hard-coded credentials that allow administrators to access the shell via the SD-WAN CLI...

CVE-2022-27506

Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI...

CVE-2021-24009

Multiple improper neutralization of special elements used in an OS command vulnerabilities CWE-78 in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary commands on the underlying system's shell via specifically crafted HTTP requests...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Docker $ sudo docker build -t . $ sudo...

PT-2022-13166 · Gogs · Gogs

Name of the Vulnerable Software and Affected Versions: gogs versions prior to 0.12.6 Description: The issue allows a malicious user to upload a crafted config file into a repository's .git directory to gain SSH access to the server. This affects all installations with repository upload enabled,...

Phicomm 多款产品信任管理问题漏洞

Phicomm PHICOMM K2 is a wireless router.PHICOMM K3 is a dual-band Gigabit wireless WiFi router.PHICOMM K3C is a dual-band Gigabit wireless WiFi router.PHICOMM K2 A7 is a dual-band Gigabit wireless WiFi router.PHICOMM K2G A1 is a dual-band Gigabit wireless WiFi router. The PHICOMM K3 is a dual-ban...

CVE-2022-23729

When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010...

CVE-2022-23729

When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010...

Authentication flaw

When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010...

CVE-2022-23729

When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010...

CVE-2022-23729

CVE-2022-23729 affects LG mobile devices when in factory state, allowing shell access without adb authentication. The issue is described consistently across multiple sources (NVD, Red Hat, CVE records, CNNVD) as an authentication flaw enabling direct shell access in factory mode. The Root Cause a...

LG mobile 授权问题漏洞

LG mobile is a line of mobile devices from LG. A security vulnerability exists in LG mobile that stems from a shell that can be accessed without adb authentication when the device is in the factory state...

CVE-2022-22945

VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root...

CVE-2019-16864

CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM...

Enterprise Distributed Technologies CompleteFTP Server 命令注入漏洞

Enterprise Distributed Technologies CompleteFTP Server is a Windows-based SFTP SHH File Transfer Protocol server from Enterprise Distributed Technologies, Australia. A security vulnerability exists in Enterprise Distributed Technologies CompleteFTP Server versions prior to 12.1.4 that stems from...

[SECURITY] Fedora 35 Update: ipython-7.26.0-3.fc35

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

[SECURITY] Fedora 34 Update: ipython-7.20.0-2.fc34

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

Emerson OSE Credentials Management Errors (CVE-2013-0694)

The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by...

fastadmin code problem vulnerability

fastadmin is a set of ThinkPHP and Bootstrap-based web backend development framework. fastadmin has a security vulnerability that stems from the fact that Fastadmin v1.2.1 is affected by a file upload vulnerability that allows execution of arbitrary code via shell access. No details of the...

CVE-2021-43117

fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access...