23 matches found
Command injection
PhoneSystem Terminal in 3CX Phone System Debian based installation 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z aka postrotate-command option to tcpdump can be unsafe when used in conjunction with sud...
PT-2021-19257 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions prior to 20.3R2-S1-EVO Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R2-S2-EVO Juniper Networks Junos OS Evolved 21.1 versions prior to 21.1R2-EVO Juniper Networks Junos OS Evolved 21....
Fortinet FortiAP-S, FortiAP-W2 and FortiAP-U Input Validation Error Vulnerability
Fortinet FortiAP-S and others are a controller for managing wireless access point devices from Fortinet. An input validation error vulnerability exists in the FortiAP CLI management console in FortiAP-S, FortiAP-W2, and FortiAP-U. An attacker could exploit this vulnerability to overwrite system...