935 matches found
CVE-2024-39228
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface...
GL.iNet多款产品 注入漏洞
GL.iNet AR750S and others are products of China's Guanglian Intelligent Communication GL.iNet company.GL.iNet AR750S is a router.GL.iNet AR750 is a router.GL.iNet AR300M is a router.The vulnerability is caused by a shell injection vulnerability in the checkovpnclientconfig interface.The...
PT-2024-28400 · Gl.Inet · Mt300N-V2 +19
Name of the Vulnerable Software and Affected Versions: GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 version 4.3.11 GL-iNet products MT3000/MT2500/AXT1800/AX1800/A1300/X300B version 4.5.16 GL-iNet products XE300 version 4.3.16 GL-iNet products E750 version 4.3....
CVE-2024-39228
GL.iNet firmware for multiple models (AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11; MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16; XE300 v4.3.16; E750 v4.3.12; AP1300/S1300 v4.3.13; XE3000/X3000 v4.4) contains a shell injection vulnerability via the interfaces check...
CVE-2024-39228
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface...
CVE-2024-39227
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain insecure permissions in the endpoint /cgi-bin/glc. This...
CVE-2024-39227
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain insecure permissions in the endpoint /cgi-bin/glc. This...
CVE-2024-39227
CVE-2024-39227 affects GL.iNet routers (AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11; MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16; XE300 v4.3.16; E750 v4.3.12; AP1300/S1300 v4.3.13; XE3000/X3000 v4.4). An insecure permission issue in endpoint /cgi-bin/glc allows u...
GHSA-VX24-X4MV-VWR5 Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
Description Starship is a cross-shell prompt. Starting in version 1.0.0 and prior to version 1.20.0, undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. Version 1.20.0 fixes the...
Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
Description Starship is a cross-shell prompt. Starting in version 1.0.0 and prior to version 1.20.0, undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. Version 1.20.0 fixes the...
CVE-2024-41815
Starship is a cross-shell prompt. Starting in version 1.0.0 and prior to version 1.20.0, undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. This issue only affects users with...
CVE-2024-41815
Starship is a cross-shell prompt. Starting in version 1.0.0 and prior to version 1.20.0, undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. This issue only affects users with...
CVE-2024-41815 Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
Starship is a cross-shell prompt. Starting in version 1.0.0 and prior to version 1.20.0, undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. This issue only affects users with...
CVE-2024-41815 Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
Starship is a cross-shell prompt. Starting in version 1.0.0 and prior to version 1.20.0, undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. This issue only affects users with...
CVE-2024-41815 Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
Starship is a cross-shell prompt. Starting in version 1.0.0 and prior to version 1.20.0, undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. This issue only affects users with...
CVE-2024-41815
Starship is a cross-shell prompt. Starting in version 1.0.0 and prior to version 1.20.0, undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. This issue only affects users with...
CVE-2024-41815
Starship (shell prompt) is affected by CVE-2024-41815: before 1.20.0, undocumented shell expansion/quoting in custom commands can lead to shell injection in Bash. Impact is limited to users with custom commands, but local exploitation is possible. Version 1.20.0 contains the fix; upgrade to mitig...
RUSTSEC-2024-0446 Shell expansion in custom commands
Summary Undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. Details I wanted to show the git commit name in my prompt I use bash, so I added a command: custom.gitcommitname comma...
Shell expansion in custom commands
Summary Undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. Details I wanted to show the git commit name in my prompt I use bash, so I added a command: custom.gitcommitname comma...
Starship 安全漏洞
Starship is an open source prompt program for any shell by Starship Command. A security vulnerability exists in Starship version 1.0.0 through versions prior to 1.20.0. An attacker exploited the vulnerability to cause shell injection...