Remote command execution via filename

A remote shell execution vulnerability when using MiniMagick::Image.open with URL coming from unsanitized user input. e.g. MiniMagick::Image.open"| touch.txt"...

CVE-2019-13024

Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "initscript"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the...

ghostscript: incomplete fix for CVE-2018-16509

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document...

Remote Code Execution (RCE)

funcster is vulnerable to remote code execution RCE attacks. The application uses the unsafe shell execution API commands, allowing a malicious user to inject and execute arbitrary code through the git checkout command...

Remote Code Execution (RCE)

pullit is vulnerable to remote code execution RCE attacks. The application uses the unsafe shell execution API commands, allowing a malicious user to inject and execute arbitrary code through the git checkout command...

Siaberry 1.2.2 - Command Injection

Siaberry 1.2.2 - Command Injection Siaberry's Command Injection Vulnerability Today, I’d like to share several interesting vulnerabilities I discovered in Siaberry, a hardware device for earning cryptocurrency. Siaberry runs on Sia, a decentralized marketplace for buying and selling data storage...

TerraMaster TOS Unauthenticated Remote Command Execution

Vulnerability Summary The following advisory describes a unauthenticated remote command execution found in TerraMaster TOS 3.0.33. TOS is a “Linux platform-based operating system developed for TerraMaster cloud storage NAS server. TOS 3 is the third generation operating system newly launched.”...

CVE-2017-16522

MitraStar GPT-2541GNAC HGU 1.00VNJ0b1 and DSL-100HN-T1 ES113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute...

Akeneo PIM CE and EE Command Injection Vulnerabilities

Akeneo PIM CE is a cloud-based, open source product information management system, and Akeneo PIM EE is its enterprise version. A command injection vulnerability exists in Akeneo PIM CE and EE. A remote attacker could exploit this vulnerability to execute shell commands...

mysql: Incorrect input validation allowing code execution via mysqldump

It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...

CVE-2017-9800

A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server to attack another...

Foscam C1 Indoor HD Camera cgiproxy.fcgi SMTP Test Command Injection Vulnerability

Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A security vulnerability exists in the web management interface in the Foscam C1 Indoor HD Camera using the 2.52.2.37 application firmware. The vulnerability can be exploited to inject arbitrary shell characters by sending a...

CVE-2017-2845

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SMTP configuration tests...

Unspecified Vulnerability in Mimosa Client Radios and Mimosa Backhaul Radios (CNVD-2017-08182)

Mimosa Client Radios and Mimosa Backhaul Radios are both products of Mimosa Networks, Inc.Mimosa Client Radios is a hypervisor for the client devices of the Mimosa multipoint solution.Mimosa Backhaul Radios is Mimosa Backhaul Radios is a management program for broadband backhaul devices. A securi...

Arbitrary shell execution

Security Advisory - This release contains a fix for a security advisory related to the improper handling of a shell command - A properly crafted filename would allow for arbitrary code execution when using the --filter=gitmodified command line option - All version 3 users are encouraged to upgrad...

Arbitrary shell execution

Security Advisory This release contains a fix for a security advisory related to the improper handling of shell commands Uses of shellexec and exec were not escaping filenames and configuration settings in most cases A properly crafted filename or configuration option would allow for arbitrary co...

Arbitrary shell execution

Security Advisory - This release contains a fix for a security advisory related to the improper handling of shell commands - Uses of shellexec and exec were not escaping filenames and configuration settings in most cases - A properly crafted filename or configuration option would allow for...

openSUSE: Security Advisory for GraphicsMagick (openSUSE-SU-2016:3060-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2016-3129

A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server GEMS implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote attackers to obtain local administrator rights on the GEMS server via commands executed on the Karaf...

CVE-2016-3129

The CVE-2016-3129 entry describes a remote code execution vulnerability in BlackBerry Good Enterprise Mobility Server (GEMS) via the Apache Karaf command shell. Affected versions are 2.1.5.3 through 2.2.22.25. An attacker can execute commands to gain local administrator rights on the GEMS server....