Lucene search
K

6 matches found

NVD
NVD
added 2025/12/24 8:15 p.m.5 views

CVE-2019-25243

FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort'...

8.8CVSS0.02325EPSS
Exploits2References3
OSV
OSV
added 2025/12/24 8:15 p.m.5 views

CVE-2019-25243

FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort'...

8.7CVSS6AI score0.02325EPSS
Exploits2References3
CVE
CVE
added 2025/12/24 7:27 p.m.19 views

CVE-2019-25243

FaceSentry 6.4.8 has an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php. The root cause is unsanitized inputs in strInIP/strInPort, enabling arbitrary shell commands with root privileges. Affected product: FaceSentry 6.4.8. Impact is described as high. Rem...

8.8CVSS7.8AI score0.02325EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2025/12/24 7:27 p.m.28 views

CVE-2019-25243 FaceSentry 6.4.8 Authenticated Remote Command Injection via Ping Test

FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort'...

8.8CVSS0.02325EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.8 views

PT-2025-53329

Name of the Vulnerable Software and Affected Versions FaceSentry version 6.4.8 Description FaceSentry 6.4.8 has a remote command injection issue in the pingTest.php and tcpPortTest.php scripts. An attacker with authentication can inject and execute arbitrary shell commands with root privileges...

8.8CVSS8.2AI score0.02325EPSS
Exploits2References5
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.4 views

iWT FaceSentry Access Control System 安全漏洞

The iWT FaceSentry Access Control System is an iWT open source application. It provides an access control function. A security vulnerability exists in iWT FaceSentry Access Control System version 6.4.8, which stems from an authenticated remote command injection in the pingTest.php and...

8.8CVSS7.5AI score0.02325EPSS
Exploits2References3
Rows per page
Query Builder