CVE-2018-15458

A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center FMC, when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service DoS condition. The vulnerability occur...

CVE-2018-15458 Cisco Firepower Management Center Disk Utilization Denial of Service Vulnerability

A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center FMC, when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service DoS condition. The vulnerability occur...

CVE-2018-15458

Cisco Firepower Management Center (FMC) Shell Access Filter vulnerability allows an unauthenticated, remote attacker to trigger unbounded writes to a system log file when used with certain remote authentication configurations. This can cause high disk utilization, leading to a DoS and instability...

CVE-2018-15458 Cisco Firepower Management Center Disk Utilization Denial of Service Vulnerability

A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center FMC, when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service DoS condition. The vulnerability occur...

Cisco Firepower Management Center Resource Management Error Vulnerability

Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. A resource management error vulnerability exists in the Shell Access Filter feature in Cisco FMC, which can be exploited by a remote attacker to cause a denial of service by sending a seri...

PT-2019-1372 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center affected versions not specified Description: The issue is related to errors in resource management in the Shell Access Filter feature of Cisco Firepower Management Center. It could allow a remote attacker to...

Cisco Firepower Management Center Disk Utilization Denial of Service Vulnerability

A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center FMC, when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service DoS condition. The vulnerability occur...

Guardzilla GZ180 Command Injection Vulnerability

The Guardzilla GZ180 is a home security surveillance camera. A command injection vulnerability exists in the remote upgrade feature in the Guardzilla GZ180. An attacker can exploit this vulnerability to gain shell access to the device and execute system commands with the help of specially crafted...

CVE-2018-6978

vRealize Operations 7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876 contains a local privilege escalation vulnerability due to improper permissions of support scripts. Admin user of the vROps application with shell access may exploit this issue to elevate th...

CVE-2018-6978

vRealize Operations 7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876 contains a local privilege escalation vulnerability due to improper permissions of support scripts. Admin user of the vROps application with shell access may exploit this issue to elevate th...

CVE-2018-6978

CVE-2018-6978 affects VMware vRealize Operations (vROps) Manager. A local privilege escalation exists due to improper permissions on support scripts, enabling an admin user with shell access to elevate to root on the vROps host. Affected products/versions: vROps 7.x prior to 7.0.0.11287810; 6.7.x...

VMSA-2018-0031:vRealize Operations updates address a local privilege escalation vulnerability

VMSA-2018-0031 vRealize Operations updates address a local privilege escalation vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0031 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: vRealize Operations updates address a local...

Mikrotik RouterOS Telnet Arbitrary Root File Creation Vulnerability

An exploitable arbitrary file creation weakness has been identified in Mikrotik RouterOS that can be leveraged by a malicious attacker to exploit all known versions of Mikrotik RouterOS. The RouterOS contains a telnet client based on GNU inetutils with modifications to remove shell subsystem...

CVE-2018-15441

A vulnerability in the web framework code of Cisco Prime License Manager PLM could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerabilit...

CVE-2018-15441 Cisco Prime License Manager SQL Injection Vulnerability

A vulnerability in the web framework code of Cisco Prime License Manager PLM could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerabilit...

GHSA-XX65-CC7G-9PFP Moderate severity vulnerability that affects org.springframework.boot:spring-boot

Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and...

Moderate severity vulnerability that affects org.springframework.boot:spring-boot

Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and...

FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials

FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc Product web page: https://www.flir.com Affected version: Firmware: 1.32.16,...

FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials

Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc Product web page: https://www.flir.com Affected version: Firmware: 1.32.16, 1.17.13, OS: necov1.8-0-g7ffe5b3 Hardware: Flir Systems Nec...

FLIR Systems FLIR AX8 Thermal Camera 1.32.16 Hard-coded Credentials Shell Access

FLIR Systems FLIR AX8 Thermal Camera 1.32.16 Hard-coded Credentials Shell Access Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16 1.17.13 OS: necov1.8-0-g7ffe5b3 Hardware: Flir Systems Neco Board Summary: Thermal Imaging Camera For Continuous...