341 matches found
SUSE CVE-2020-28024
Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtpungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...
Cacti 1.2.22 unauthenticated command injection
This module exploits an unauthenticated command injection vulnerability in Cacti through 1.2.22 CVE-2022-46169 in order to achieve unauthenticated remote code execution as the www-data user. The module first attempts to obtain the Cacti version to see if the target is affected. If LOCALDATAID...
NETGEAR Nighthawk WiFi6 Router Command Injection Vulnerability
The NETGEAR Nighthawk WiFi6 Router is a series of routers that support WiFi 6 technology and are designed for users who are looking for a high-speed Internet experience. The NETGEAR Nighthawk WiFi6 Router suffers from a command injection vulnerability that originates from improper user input...
PT-2022-27863 · Veritas · Veritas Netbackup Access Appliance +1
Name of the Vulnerable Software and Affected Versions: Veritas NetBackup Flex Scale versions 1.0 through 3.0 Veritas NetBackup Access Appliance versions 8.0.0 through 8.0.100 Description: An issue was discovered that allows unauthenticated remote command execution via the management portal...
CVE-2022-40623
The WAVLINK Quantum D4G WN531G3 running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues such as CVE-2022-35518, can lead to remote, unauthenticated command execution...
CVE-2022-40623
CVE-2022-40623 affects WAVLINK Quantum D4G (WN531G3) firmware M31G3.V5030.200325, describing a lack of anti-CSRF tokens in the device’s web interface. The entry also notes that exploitation can occur when combined with CVE-2022-35518 (command injection via nas.cgi), suggesting a scenario for remo...
NOKIA 1350 OMS 操作系统命令注入漏洞
NOKIA 1350 OMS is an optical management system from Nokia Finland. An operating system command injection vulnerability exists in NOKIA 1350 OMS version R14.2 that originates from allowing an unauthenticated user to execute commands on the operating system...
Apache Spark Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'Apache Spark Unauthenticated Command Injection RCE', 'Description' = %q This module exploits an unauthenticated command...
CVE-2022-21941
All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system...
CVE-2022-21941
All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system...
Roxy-WI Prior to 6.1.1.0 Unauthenticated Command Injection RCE
This module exploits an unauthenticated command injection vulnerability in Roxy-WI prior to version 6.1.1.0. Successful exploitation results in remote code execution under the context of the web server user. Roxy-WI is an interface for managing HAProxy, Nginx and Keepalived servers. Module Option...
FLIR AX8 1.46.16 Remote Command Execution Exploit
-- coding: utf-8 -- Exploit Title: FLIR AX8 Unauthenticated OS Command Injection Exploit Author: Samy Younsi Naqwada https://samy.link Vendor Homepage: https://www.flir.com/ Software Link: https://www.flir.com/products/ax8-automation/ PoC: https://www.youtube.com/watch?v=dh0rfAIWok Version: 1.46....
A Door Isn’t a Door When It’s Ajar - Part 2
A Door Isn’t a Door When It’s Ajar - Part II By Trellix · August 18, 2022 This story was also written by Steve Povolny and Sam Quinn Contents Introduction Software Hacking Software Hacking Shopping List Vulnerabilities Discovered CVE-2022-31479: Command injection via the web interface Vulnerable...
Zyxel Firewall ZTP Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel Firewall ZTP Unauthenticated Command Injection', 'Description' = %q This module exploits CVE-2022-30525, an unauthenticated remote command...
CVE-2021-3897
An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...
CVE-2021-3849
An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...
CVE-2021-45876
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware...
CVE-2021-45876
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware...
Hikvision IP Camera Unauthenticated Command Injection
This module exploits an unauthenticated command injection in a variety of Hikvision IP cameras CVE-2021-36260. The module inserts a command into an XML payload used with an HTTP PUT request sent to the /SDK/webLanguage endpoint, resulting in command execution as the root user. This module...
Command injection
The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646B20201211 has a command injection vulnerability when receiving GET parameters. The parameter name can be constructed for unauthenticated command execution...