
1821 matches found

CNNVD
added 2021/09/30 12:0 a.m., 4 views

REINER SCT Reiner TimeCard Trust Management Issue Vulnerability

REINER SCT Reiner TimeCard is a chip card reading device from REINER SCT, Germany, used for access protection in secure online banking devices, terminals for dealers and merchants using girocard payments, and PC workstations. A security vulnerability exists in REINER SCT Reiner TimeCard version...

CVSS 10, AI score 8.4, EPSS 0.01227
Exploits 0, References 2

CNVD
added 2021/09/18 12:0 a.m., 24 views

NETGEAR R6020 Command Injection Vulnerability

The NETGEAR R6020 is a router from Netgear, Inc. NETGEAR R6020 is vulnerable to a command injection vulnerability in version 1.0.0.48, which stems from a lack of validation and filtering in the ntpserver field of setup.cgi. An attacker with administrator status can use this vulnerability to injec...

CVSS 9, AI score 5.6, EPSS 0.0155
Exploits 1, Affected Software 1

OSV
added 2021/09/17 8:15 p.m., 3 views

CVE-2021-41383

setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntpserver field...

CVSS 7.2, AI score 7.3, EPSS 0.0155
Exploits 1, References 1

NVD
added 2021/09/17 8:15 p.m., 21 views

CVE-2021-41383

setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntpserver field...

CVSS 9, EPSS 0.0155
Exploits 1, References 1

Cvelist
added 2021/09/17 7:53 p.m., 27 views

CVE-2021-41383

setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntpserver field...

AI score 7.6, EPSS 0.0155
Exploits 1, References 1

CNVD
added 2021/08/16 12:0 a.m., 12 views

DELL EMC OpenManage Enterprise-Modular OS Command Injection Vulnerability

An operating system command injection vulnerability exists in Dell EMC OpenManage Enterprise-Modular OME-M versions prior to 1.10.00. A remote attacker could exploit this vulnerability to execute arbitrary Shell commands on the affected system...

CVSS 9.1, AI score 6.4, EPSS 0.02345
Exploits 0, References 1

Kitploit
added 2021/08/13 9:30 p.m., 67 views

Nimplant - A Cross-Platform Implant Written In Nim

Nimplant is a cross-platform Linux & Windows implant written in Nim as a fun project to learn about Nim and see what it can bring to the table for red team tool development. Currently, Nimplant lacks extensive evasive tradecraft; however, over time Nimplant will become much more sophisticated...

AI score 7.8
Exploits 0, References 3

OSV
added 2021/08/07 7:15 p.m., 3 views

DEBIAN-CVE-2021-38173

Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys...

CVSS 9.8, AI score 8.8, EPSS 0.03155
Exploits 0, References 1

CNNVD
added 2021/08/03 12:0 a.m., 3 views

Fortinet Multiple Products OS Command Injection Vulnerability

Fortinet FortiManager is a centralized network security management platform, and Fortinet FortiAnalyzer is a centralized network security reporting solution. FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for the FortiGate, FortiWiFi, and FortiAP product...

CVSS 7.8, AI score 6, EPSS 0.03086
Exploits 1, References 6

Fortinet
added 2021/08/03 12:0 a.m., 41 views

FortiManager, FortiAnalyzer and FortiPortal - Multiple OS command injection vulnerabilities

Multiple OS command injection CWE-78 vulnerabilities in the command line interface of FortiManager, FortiAnalyzer, and FortiPortal may allow a local authenticated and unprivileged user to execute arbitrary shell commands as root via specifically crafted CLI command parameters...

CVSS 7.2, AI score 8.2, EPSS 0.03086
Exploits 1, Affected Software 3

OSV
added 2021/07/20 11:15 a.m., 2 views

CVE-2021-22125

An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file...

CVSS 7.2, AI score 5.9
Exploits 0, References 1

OSV
added 2021/07/19 10:15 p.m., 2 views

CVE-2020-5322

Dell EMC OpenManage Enterprise-Modular OME-M versions prior to 1.10.00 contain a command injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit the vulnerability to execute arbitrary shell commands on the affected system...

CVSS 9.1, AI score 6.1, EPSS 0.02345
Exploits 0, References 1

NVD
added 2021/07/19 10:15 p.m., 19 views

CVE-2020-5322

Dell EMC OpenManage Enterprise-Modular OME-M versions prior to 1.10.00 contain a command injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit the vulnerability to execute arbitrary shell commands on the affected system...

CVSS 9.1, EPSS 0.02345
Exploits 0, References 1

Prion
added 2021/07/19 10:15 p.m., 13 views

Command injection

Dell EMC OpenManage Enterprise-Modular OME-M versions prior to 1.10.00 contain a command injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit the vulnerability to execute arbitrary shell commands on the affected system...

CVSS 9, AI score 9.3, EPSS 0.02345
Exploits 0, References 1, Affected Software 1

CNNVD
added 2021/07/14 12:0 a.m., 2 views

FortiSandbox Security Vulnerability

Fortinet FortiSandbox is an APT (Advanced Persistent Threat) protection appliance from Fortinet. The appliance offers dual sandbox technology, dynamic threat intelligence system, real-time control panel and reporting. FortiSandbox suffers from a security vulnerability that allows authenticated...

AI score 5.7
Exploits 0, References 1

NVD
added 2021/07/12 1:15 p.m., 12 views

CVE-2021-26089

An improper symlink following in FortiClient for Mac 6.4.3 and below may allow a non-privileged user to execute arbitrary privileged shell commands during installation phase...

CVSS 7.8, EPSS 0.00426
Exploits 0, References 2

Vulnrichment
added 2021/07/12 12:48 p.m., 9 views

CVE-2021-26089

An improper symlink following in FortiClient for Mac 6.4.3 and below may allow a non-privileged user to execute arbitrary privileged shell commands during installation phase...

CVSS 6.7, AI score 7.7, EPSS 0.00426
Exploits 0, References 2

Rosalinux
added 2021/07/02 5:8 p.m., 15 views

Advisory ROSA-SA-2021-1860

Software: ksh 20120801; OS: Cobalt 7.9; CVE-ID: CVE-2019-14868; CVE-Crit: HIGH; CVE-DESC: a bug was discovered in ksh version 20120801 in the way certain environment variables are evaluated. An attacker could exploit this vulnerability to override or bypass environment restrictions to execute shell...

CVSS 7.8, AI score 7.4, EPSS 0.01385
Exploits 0

CNNVD
added 2021/06/18 12:0 a.m., 2 views

Hitachi Virtual File Platform OS Command Injection Vulnerability

Hitachi Virtual File Platform is a virtual file platform from Hitachi, Japan. Hitachi Virtual File Platform suffers from an operating system command injection vulnerability that stems from incorrect input validation. A remotely authenticated attacker could pass specially crafted data to the...

CVSS 9, AI score 8.4, EPSS 0.0311
Exploits 0, References 5

OSV
added 2021/06/08 7:15 p.m., 3 views

CVE-2021-26471

In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebserviceo.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands...

CVSS 9.8, AI score 7.5, EPSS 0.02261
Exploits 0, References 4