11 matches found
EUVD-2024-29805
Malicious code in bioql PyPI...
CVE-2024-30213
StoneFly Storage Concentrator SC and SCVM before 8.0.4.26 allows remote authenticated users to achieve Command Injection via a Ping URL, leading to remote code execution...
CVE-2024-31947
StoneFly Storage Concentrator SC and SCVM before 8.0.4.26 allows Directory Traversal by authenticated users. Using a crafted path parameter with the Online Help facility can expose sensitive system information...
CVE-2024-31947
StoneFly Storage Concentrator SC and SCVM before 8.0.4.26 allows Directory Traversal by authenticated users. Using a crafted path parameter with the Online Help facility can expose sensitive system information...
CVE-2024-30213
StoneFly Storage Concentrator SC and SCVM before 8.0.4.26 allows remote authenticated users to achieve Command Injection via a Ping URL, leading to remote code execution...
CVE-2024-31947
StoneFly Storage Concentrator SC and SCVM before 8.0.4.26 allows Directory Traversal by authenticated users. Using a crafted path parameter with the Online Help facility can expose sensitive system information...
CVE-2024-30213
CVE-2024-30213 affects StoneFly Storage Concentrator (SC and SCVM) prior to version 8.0.4.26. The issue allows remote authenticated users to perform command injection via a Ping URL, leading to remote code execution. Affected versions: SC/SCVM before 8.0.4.26. Mitigation: update to 8.0.4.26 or la...
CVE-2024-31947
StoneFly Storage Concentrator SC and SCVM before 8.0.4.26 allows Directory Traversal by authenticated users. Using a crafted path parameter with the Online Help facility can expose sensitive system information...
StoneFly Storage Concentrator Security Vulnerability
StoneFly Storage Concentrator is a storage concentrator virtual machine from StoneFly. A security vulnerability exists in StoneFly Storage Concentrator versions prior to 8.0.4.26 that stems from the presence of directory traversal, which could expose sensitive system information...
CVE-2024-30213
StoneFly Storage Concentrator SC and SCVM before 8.0.4.26 allows remote authenticated users to achieve Command Injection via a Ping URL, leading to remote code execution...
PT-2024-23258 · Stonefly · Stonefly Storage Concentrator
Name of the Vulnerable Software and Affected Versions: StoneFly Storage Concentrator SC and SCVM versions prior to 8.0.4.26 Description: The issue allows remote authenticated users to achieve command injection via a Ping URL, leading to remote code execution. Recommendations: For versions prior t...