100 matches found
CVE-2016-11017
The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter a failed login attempt returns the command-injection output to a limited login failure field. This is...
CVE-2019-16662
An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution. Recent assessments: pbarry-r7 at...
Telnet Backdoor Opens More Than 1M IoT Radios to Hijack
Imperial Dabman IoT radios have a weak password vulnerability that could allow a remote attacker to achieve root access to the gadgets’ embedded Linux BusyBox operating system, gaining control over the device. Adversaries can deliver malware, add a compromised radio to a botnet, send custom audio...
CVE-2019-15498
cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via --output argument injection in the username parameter to /cgi-bin/cmh/webcam.sh...
CVE-2019-11523
Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No authentication/encryption is done. Attackers can fully interact with the device: for example, send the "open door" command, download the users list which includes RFID codes and passcodes in cleartext, o...
Ubiquiti Inc.: Privilege Escalation From user to SYSTEM via unauthenticated command execution
The vulnerability, or feature depending how you look at it, is the ability to execute commands using the evostream API interface that is exposed on localhost:7440. Since the evostream service is running as SYSTEM a user can use the launchprocess command,...
Apache Spark - Unauthenticated Command Execution Exploit
This Metasploit module exploits an unauthenticated command execution vulnerability in Apache Spark with standalone cluster mode through the REST API. It uses the function CreateSubmissionRequest to submit a malicious java class and triggers it. This module requires Metasploit:...
Apache Spark - (Unauthenticated) Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Spark Unauthenticated Command Execution', 'Description' = %q This module exploits an unauthenticated command execution vulnerability in...
Apache #Hadoop YARN ResourceManager Unauthenticated Command Execution Exploit
This Metasploit module exploits an unauthenticated command execution vulnerability in Apache Hadoop through ResourceManager REST API. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Hadoop YARN...
CVE-2017-6526
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell cgi-bin/dna/sysAdmin.cgi POST requests...
Command Execution Vulnerability in TASKID[0] Parameter of Tibco Call Center System
The core of Tibco's call center system is a communication-based system for internal and external corporate communication. A command execution vulnerability exists in the TASKID0 parameter of the Tibco Call Center System. The vulnerability file is: /recordings/userwebstd/auto/outBound.php which...
Up.time agent for Windows contains multiple vulnerabilities
Overview The Up.time client for Windows is vulnerable to an format string attack as well as a buffer overflow, and may allow unauthenticated users to perform certain commands. Description CWE-134: Uncontrolled Format String - CVE-2015-2894For version 6.0 and 7.2, an unauthenticated attacker on th...
ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution
No description provided by source. ActualAnalyzer exploit. Tested on Lite version We load command into a dummy variable as we only have 6 characters to own the eval but load more as first 2 characters get rm'd. We then execute the eval with backticks. 11/05/2011 import urllib import urllib2 impor...
ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution Exploit
ActualAnalyzer remote command execution exploit that leverages an eval. ActualAnalyzer exploit. Tested on Lite version We load command into a dummy variable as we only have 6 characters to own the eval but load more as first 2 characters get rm'd. We then execute the eval with backticks. 11/05/20...
EZPZ One Click Backup <= 12.03.10 - Unauthenticated Command Execution
The ezpz-one-click-backup WordPress plugin was affected by an Unauthenticated Command Execution security vulnerability...
Mitel AWC Unauthenticated Command Execution
No description provided by source. http://www.procheckup.com/vulnerabilitymanager/vulnerabilities/pr10-14 PR10-14 Unauthenticated command execution within Mitel's AWC Mitel Audio and Web Conferencing Advisory publicly released: Tuesday, 21 December 2010 Vulnerability found: Wednesday, 21 July 201...
Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities
No description provided by source. Unauthenticated command execution on Netgear DGN devices ======================================================== ADVISORY INFORMATION Title: Unauthenticated command execution on Netgear DGN devices Discovery date: 01/05/2013 Release date: 31/05/2013 Credits:...
Unauthenticated command execution on Netgear DGN devices
Unauthenticated command execution on Netgear DGN devices ======================================================== ADVISORY INFORMATION Title: Unauthenticated command execution on Netgear DGN devices Discovery date: 01/05/2013 Release date: 31/05/2013 Credits: Roberto Paleari [email protected],...
Mitel AWC Unauthenticated Command Execution
Exploit for cgi platform in category web applications PR10-14 Unauthenticated command execution within Mitel's AWC Mitel Audio and Web Conferencing Advisory publicly released: Tuesday, 21 December 2010 Vulnerability found: Wednesday, 21 July 2010 Vendor informed: Monday, 26 July 2010 Severity...
Mitel's AWC Command Execution
http://www.procheckup.com/vulnerabilitymanager/vulnerabilities/pr10-14 PR10-14 Unauthenticated command execution within Mitel's AWC Mitel Audio and Web Conferencing Advisory publicly released: Tuesday, 21 December 2010 Vulnerability found: Wednesday, 21 July 2010 Vendor informed: Monday, 26 July...