
1216 matches found

OSV
added 2019/10/24 3:15 p.m., 2 views

CVE-2019-13652

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5)...

CVSS 9.8, AI score 7.3, EPSS 0.02812
Exploits 1, References 1
Prion
added 2019/10/18 5:15 p.m., 15 views

Code injection

DISPUTED An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary commands on the underlying operating system, as demonstrated by an...

CVSS 10, AI score 9.9, EPSS 0.02999
Exploits 1, References 3
CVE
added 2019/10/17 1:28 p.m., 52 views

CVE-2019-14423

CVE-2019-14423 affects the CUx-Daemon addon (version 1.11a) used by eQ-3 Homematic CCU-Firmware, impacting firmware 2.35.16 up to 2.45.6. The issue enables remote authenticated attackers to execute system commands as root over a simple HTTP request due to the described RCE vulnerability. Source d...

CVSS 9, AI score 8.7, EPSS 0.19899
Exploits 1, References 2, Affected Software 1
Exploit DB
added 2019/10/03 12:0 a.m., 276 views

PHP 7.0 < 7.3 (Unix) - 'gc' disable_functions Bypass

= 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$i = 0; $i = 8; function leak$addr, $p = 0, $s = 8 global $abc, $helper; write$abc, 0x68, $addr + $p - 0x10; $leak = strlen$helper-a; if$s != 8 $leak %= 2 $s 8 - 1; return $leak; function parseelf$base $etype =...

AI score 7.4
Exploits 0
CVE
added 2019/09/05 8:46 p.m., 140 views

CVE-2019-15029

CVE-2019-15029 affects FusionPBX 4.4.8. An attacker can execute arbitrary system commands by submitting a malicious command to the service_edit.php file (command stored in the database). Trigger relies on calling services.php via a GET request with the service id and a=start to execute the stored...

CVSS 9, AI score 8.9, EPSS 0.12318
Exploits 2, References 3, Affected Software 1
OSV
added 2019/08/21 7:15 p.m., 3 views

CVE-2019-1984

A vulnerability in Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite files on the underlying operating system (OS) of an affected device. The vulnerability is due to improper input...

CVSS 6.5, AI score 6.8, EPSS 0.0157
Exploits 0, References 1
CVE
added 2019/08/21 6:30 p.m., 40 views

CVE-2019-1984

Cisco NFVIS contains an input validation error in the NFVIS file-system command that, when exploited by an authenticated administrator, can overwrite arbitrary files on the underlying OS. The vulnerability affects Cisco NFVIS versions prior to 3.12.1 (as reported by CNVD) and is addressed by soft...

CVSS 6.5, AI score 6.5, EPSS 0.0157
Exploits 0, References 1, Affected Software 1
Cvelist
added 2019/07/04 10:9 p.m., 22 views

CVE-2019-13294

AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...

AI score 9.8, EPSS 0.18753
Exploits 1, References 2
0day.today
added 2019/07/02 12:0 a.m., 149 views

Linux Mint 18.3-19.1 - yelp Command Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Exploit from github repro: https://github.com/b1ack0wl/linuxmintpoc class MetasploitModule "Linux Mint 'yelp' URI handler command injection vulnerability", 'Description'...

AI score 0.1
Exploits 0
OSV
added 2019/07/01 7:15 p.m., 2 views

CVE-2019-7670

Prima Systems FlexAir, Versions 2.3.38 and prior. The application incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component, which could allow attackers to execute commands directly on the operating system...

CVSS 7.2, AI score 7.2, EPSS 0.18306
Exploits 5, References 4
CNVD
added 2019/06/10 12:0 a.m., 5 views

Extract add-on for Nextcloud OS Command Injection Vulnerability

Extract add-on for Nextcloud is a set of component applications for Nextcloud. An input validation vulnerability exists in Extract add-on for Nextcloud lib/Controller/ExtractionController.php, which allows remote attackers to submit a special request that can be used to execute arbitrary OS comman...

CVSS 9, AI score 7.7, EPSS 0.02555
Exploits 1, References 1
CVE
added 2019/05/22 7:35 p.m., 73 views

CVE-2018-7829

The CVE-2018-7829 entry affects Schneider Electric Pelco Sarix/Spectra Cameras (Sarix Enhanced and Spectra Enhanced PTZ) with an improper neutralization of special elements in a query that enables an attacker to execute arbitrary OS commands. The ZeroScience ZSL-2017 report details an authenticat...

CVSS 9, AI score 8.8, EPSS 0.01721
Exploits 1, References 1, Affected Software 1
CVE
added 2019/05/14 7:54 p.m., 82 views

CVE-2019-10916

CVE-2019-10916 affects Siemens SIMATIC PCS7 and WinCC/TIA Portal products (multiple versions). The root cause is SQL Injection in the project file handling, allowing an attacker who can access the project file to run arbitrary commands with the local database server’s privileges, impacting confid...

CVSS 9, AI score 8.3, EPSS 0.0157
Exploits 0, References 2, Affected Software 4
CNVD
added 2019/05/14 12:0 a.m., 5 views

Gemalto Ezio Server Operating System Command Injection Vulnerability

Gemalto Ezio Server is an authentication server from Gemalto USA. An operating system command injection vulnerability exists in Gemalto Ezio Server versions prior to 3.1.0, which can be exploited by an attacker to execute illegal operating system commands...

CVSS 8, AI score 8, EPSS 0.03248
Exploits 2, References 1
OSV
added 2019/05/13 1:29 p.m., 1 views

CVE-2018-14714

System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "loadscript" URL parameter...

CVSS 9.8, AI score 5.9, EPSS 0.27411
Exploits 3, References 1
NVD
added 2019/05/13 1:29 p.m., 22 views

CVE-2018-14712

Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the "hook" URL parameter...

CVSS 6.5, AI score 6.7, EPSS 0.04226
Exploits 1, References 1
Prion
added 2019/05/13 1:29 p.m., 17 views

Command injection

System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "loadscript" URL parameter...

CVSS 10, AI score 9.8, EPSS 0.27411
Exploits 3, References 1, Affected Software 1
CVE
added 2019/05/13 12:24 p.m., 56 views

CVE-2018-14714

CVE-2018-14714 describes a system command injection in ASUS RT-AC3200 (firmware 3.0.0.4.382.50010) via the load_script parameter in appGet.cgi, allowing remote command execution. Multiple connected sources confirm the vulnerability in the ASUS RT-AC3200 and the load_script vector; Red Hat/NTBD ad...

CVSS 10, AI score 9.8, EPSS 0.27411
Exploits 3, References 1, Affected Software 1
CNVD
added 2019/04/28 12:0 a.m., 2 views

ASUS Zenfone V Live and Asus ZenFone 3 Max security vulnerabilities

The ASUS Zenfone V Live and the Asus ZenFone 3 Max are both Android-based smartphones from Asus Taiwan, China. The ASUS Zenfone V Live build fingerprint is asus/VZWASUSA009/ASUSA009:7.1.1/NMF26F/14.0610.1802.78-20180313:user/release-keys and the Asus ZenFone 3 Max build fingerprint is...

CVSS 7.8, AI score 7.5, EPSS 0.00416
Exploits 0, References 1
OSV
added 2019/03/25 7:29 p.m., 1 views

CVE-2019-10040

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dirlogin.asp and use a hidden API URL /goform/SystemCommand to execute a system command without authentication...

CVSS 9.8, AI score 7.4, EPSS 0.02522
Exploits 1, References 1