Huawei BiSheng-WNM 操作系统命令注入漏洞

Huawei BiSheng-WNM is a Huawei printer from Huawei, a Chinese company. A security vulnerability exists in Huawei printer that stems from the presence of a system command injection vulnerability. Affected products and versions: Huawei BiSheng-WNM OTA-BiSheng-FW-2.0.0.211-beta, BiSheng-WNM FW versi...

多款WAGO产品操作系统命令注入漏洞

WAGO PFC100 is a programmable logic controller PLC.WAGO Compact Controller CC100 is a compact controller.WAGO Edge Controller is an edge controller.WAGO Compact Controller CC100 is a programmable logic controller PLC.WAGO Edge Controller is an edge controller.WAGO Compact Controller CC100 is a...

CVE-2023-28716

CVE-2023-28716 affects mySCADA myPRO 8.26.0 and earlier. Affected component: parameters handling in myPRO that allow an authenticated user to inject arbitrary operating system commands (OS command injection). Root cause: improper validation/handling of command-related parameters leading to code e...

Privilege escalation

HGiga MailSherlock query function for connection log has a vulnerability of insufficient filtering for user input. An authenticated remote attacker with administrator privilege can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operation or...

Fortinet FortiWeb OS Command Injection Vulnerability (CNVD-2023-18291)

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. An operating system command injection...

CVE-2022-48255

There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution...

CVE-2022-48259

There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could allow attackers to gain higher privileges...

CVE-2022-48255

There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution...

CVE-2022-48259

There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could allow attackers to gain higher privileges...

Command injection

There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could allow attackers to gain higher privileges...

CVE-2022-48255

There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution...

CVE-2022-48259

There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could allow attackers to gain higher privileges...

Sme.UP ERP TOKYO V6R1M220406 操作系统命令注入漏洞

Sme.UP ERP is a management software developed by Sme.UP Italy to meet the needs of its customers. A security vulnerability exists in Sme.UP ERP TOKYO V6R1M220406 version, which originates from the presence of an operating system command injection vulnerability...

CVE-2022-48255

CVE-2022-48255 concerns a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325 (Huawei printer). The underlying issue is command injection that could allow remote code execution. Documented impact is remote code execution with network access and no user interaction required. Connect...

CVE-2022-48259

The CVE-2022-48259 entry concerns Huawei BiSheng-WNM FW 3.0.0.325. The connected docs confirm a system command injection vulnerability that can lead to higher privileges. Attack vector is network-based (AV:N) with low attack complexity and no user interaction required, resulting in high impact to...

CVE-2022-48255

There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution...

CVE-2023-0830 EasyNAS backup.pl system os command injection

A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function system of the file /backup.pl. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is...

PT-2023-6843 · Easynas · Easynas

Name of the Vulnerable Software and Affected Versions: EasyNAS version 1.1.0 Description: A critical vulnerability has been found in the function system of the file /backup.pl, leading to os command injection. The manipulation can be launched remotely, and the exploit has been disclosed to the...

FreshTomato 操作系统命令注入漏洞

FreshTomato is a Linux-based open source firmware from FreshTomato Open Source. The firmware provides a variety of features for Broadcom-based routers. A security vulnerability exists in FreshTomato version 2022.5 that stems from the presence of operating system command injection, which can be...

OrangeScrum 操作系统命令注入漏洞

Orangescrum is a project and task management software tool that also provides productivity tools for work organization and team collaboration. Orangescrum suffers from an operating system command injection vulnerability that originates when the application injects an attacker-controlled parameter...