CVE-2022-48472

A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution. Affected product versions include:BiSheng-WNM versions OTA-BiSheng-FW-2.0.0.211-beta,BiSheng-WNM FW 3.0.0.325,BiSheng-WNM FW 2.0.0.211...

CVE-2022-48472

CVE-2022-48472 concerns a system command injection in Huawei’s BiSheng-WNM printer line. Affected firmware/versions include OTA-BiSheng-FW-2.0.0.211-beta, BiSheng-WNM FW 3.0.0.325, and BiSheng-WNM FW 2.0.0.211. The vulnerability enables remote code execution via a crafted system command, as descr...

CVE-2022-48472

A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution. Affected product versions include:BiSheng-WNM versions OTA-BiSheng-FW-2.0.0.211-beta,BiSheng-WNM FW 3.0.0.325,BiSheng-WNM FW 2.0.0.211...

Huawei BiSheng-WNM 操作系统命令注入漏洞

Huawei BiSheng-WNM is a Huawei printer from Huawei, a Chinese company. A security vulnerability exists in Huawei printer that stems from the presence of a system command injection vulnerability. Affected products and versions: Huawei BiSheng-WNM OTA-BiSheng-FW-2.0.0.211-beta, BiSheng-WNM FW versi...

PT-2023-15805 · Unknown · Bisheng-Wnm Fw

Name of the Vulnerable Software and Affected Versions: BiSheng-WNM versions OTA-BiSheng-FW-2.0.0.211-beta through BiSheng-WNM FW 3.0.0.325 Description: A system command injection issue allows for remote code execution upon successful exploitation. Recommendations: For BiSheng-WNM versions...

LabCollector 代码问题漏洞

LabCollector is an all-in-one laboratory management platform from LabCollector, Inc. A security vulnerability exists in LabCollector versions 6.0 through 6.15. An attacker can exploit the vulnerability to upload executable PHP files and execute system commands...

PT-2023-3349 · Fortinet · Fortiadc

Name of the Vulnerable Software and Affected Versions: FortiADC versions 6.0 through 7.1.0 Description: The issue is related to an improper neutralization of special elements used in an OS command, which may allow a local and authenticated attacker to execute unauthorized commands via specificall...

PT-2023-3350 · Fortinet · Fortiadcmanager +1

Name of the Vulnerable Software and Affected Versions: FortiADC Manager versions prior to 7.1.0 FortiADC versions 7.0.0 through 7.1.2 FortiADC version 7.2.0 Description: The issue is related to the improper neutralization of special elements used in an operating system command, which can be...

KylinSoft kylin-software-properties 操作系统命令注入漏洞

KylinSoft kylin-software-properties is an application from KylinSoft China. An OS command injection vulnerability exists in KylinSoft kylin-software-properties versions prior to 0.0.1-130. An attacker could exploit this vulnerability to perform os command injection attacks...

Command injection

Hitron CODA-5310 has insufficient filtering for specific parameters in the connection test function. A remote attacker authenticated as an administrator, can use the management page to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service...

CVE-2022-47616 Hitron Technologies Inc. CODA-5310 - Remote Command Execution

Hitron CODA-5310 has insufficient filtering for specific parameters in the connection test function. A remote attacker authenticated as an administrator, can use the management page to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service...

CVE-2022-46361 Physical access to the WDM enables use of USB device to gain access to the WDM

An attacker having physical access to WDM can plug USB device to gain access and execute unwanted commands. A malicious user could enter a system command along with a backup configuration, which could result in the execution of unwanted commands. This issue affects OneWireless all versions up to...

CVE-2023-2868 Remote Code injection in Barracuda Email Security Gateway

A remote command injection vulnerability exists in the Barracuda Email Security Gateway appliance form factor only product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file tape archives. The vulnerability ste...

Input validation

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler beh to create an accessible network printer, this security vulnerability can cause remote code execution. beh.c...

多款WAGO产品操作系统命令注入漏洞

WAGO PFC100 is a programmable logic controller PLC.WAGO Compact Controller CC100 is a compact controller.WAGO Edge Controller is an edge controller.WAGO Compact Controller CC100 is a programmable logic controller PLC.WAGO Edge Controller is an edge controller.WAGO Compact Controller CC100 is a...

CVE-2023-29944

Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench...

Command injection

Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench...

CVE-2023-29944

Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench...

CVE-2023-29944

Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench...

CVE-2023-28716

CVE-2023-28716 affects mySCADA myPRO 8.26.0 and earlier. Affected component: parameters handling in myPRO that allow an authenticated user to inject arbitrary operating system commands (OS command injection). Root cause: improper validation/handling of command-related parameters leading to code e...