Design/Logic Flaw

An issue was discovered in CALDERA 2.8.1. When activated, the Human plugin passes the unsanitized name parameter to a python "os.system" function. This allows attackers to use shell metacharacters e.g., backticks "" or dollar parenthesis "$" in order to escape the current command and execute...

CVE-2021-23154

In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user's shell. Arguments can be provided which cause arbitrary shell commands to run on the system...

CVE-2021-23154 Command injection in Lens causes arbitrary shell command execution when malicious custom helm chart configuration provided

In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user's shell. Arguments can be provided which cause arbitrary shell commands to run on the system...

Apache Kylin OS Command Injection Vulnerability

Apache Kylin is an open source distributed analytic data warehouse from the Apache Foundation. The product mainly provides SQL query interface and multidimensional analysis OLAP on top of Hadoop/Spark. Apache kylin is vulnerable to operating system command injection, which stems from the fact tha...

CVE-2021-45456

CVE-2021-45456 affects Apache Kylin 4.0.0. Multiple connected sources describe a mismatch between the legitimacy check for the project name and the shell command argument in DiagnosisService, enabling potential command injection. The issue is network-exploitable with a very high CVSS score (3.1: ...

EulerOS Virtualization 3.0.2.6 : sssd (EulerOS-SA-2021-2880)

According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire...

CVE-2021-3621

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest...

CVE-2021-3621

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest...

CVE-2021-3621

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest...

CVE-2021-3621

SSSD is affected by CVE-2021-3621. The sssctl command (logs-fetch and cache-expire) is vulnerable to shell command injection, enabling an attacker to trick root (e.g., via sudo) into running a crafted sssctl command to gain root privileges. Advisories from Astra Linux, Debian LTS, Gentoo and Amaz...

Updated busybox packages fix security vulnerability

A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input. CVE-2021-42376 An attacker-controlled...

CVE-2021-4041

A flaw was found in ansible-runner. An improper escaping of the shell command, while calling the ansiblerunner.interface.runcommand, can lead to parameters getting executed as host's shell command. A developer could unintentionally write code that gets executed in the host rather than the virtual...

Advanced Comment System 1.0 - Remote Command Execution (RCE)

Exploit Title: Advanced Comment System 1.0 - Remote Command Execution RCE Date: November 30, 2021 Exploit Author: Nicole Daniella Murillo Mejias Version: Advanced Comment System 1.0 Tested on: Linux !/usr/bin/env python3 DESCRIPTION: Commands are Base64 encoded and sent via POST requests to the...

CVE-2021-26614

iusget.cgi in IpTime C200 camera allows remote code execution. A remote attacker may send a crafted parameters to the exposed vulnerable web service interface which invokes the arbitrary shell command...

Remote code execution

iusget.cgi in IpTime C200 camera allows remote code execution. A remote attacker may send a crafted parameters to the exposed vulnerable web service interface which invokes the arbitrary shell command...

CVE-2021-26614 IpTime C200 IP camera remote code execution vulnerability

iusget.cgi in IpTime C200 camera allows remote code execution. A remote attacker may send a crafted parameters to the exposed vulnerable web service interface which invokes the arbitrary shell command...

EulerOS Virtualization 2.9.0 : sssd (EulerOS-SA-2021-2767)

According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2021-2739)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.1 : sssd (EulerOS-SA-2021-2739)

According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire...

CVE-2021-42377

A flaw was found in BusyBox, where it did not properly sanitize while processing a crafted shell command, leading to a denial of service and possible code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...