NewStart CGSL MAIN 6.02 : bash Multiple Vulnerabilities (NS-SA-2021-0118)

The remote NewStart CGSL host, running version MAIN 6.02, has bash packages installed that are affected by multiple vulnerabilities: - GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remot...

Remote Code Execution (RCE)

Gradle is vulnerable to remote code execution. start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. This may impact those who use gradlew o...

CVE-2020-23038

Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables...

CVE-2020-23038

Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables...

CVE-2020-23038

CVE-2020-23038 affects Swift File Transfer Mobile v1.1.2 and earlier. A path traversal/info-disclosure vulnerability exists in the path parameter, triggered by an error caused by including non-existent path environment variables. The connected sources corroborate that an unauthorized attacker cou...

CVE-2021-42536

The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables...

CVE-2021-42536

The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables...

Default credentials

The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables...

CVE-2021-42536 Emerson WirelessHART Gateway

The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables...

CVE-2021-42536

The CVE-2021-42536 vulnerability affects Emerson WirelessHART Gateway devices. It allows disclosure of peer usernames and passwords by permitting all users to read global variables, impacting confidentiality (CVE-2021-42536). Reported impacts include high confidentiality exposure with network-rem...

Emerson WirelessHART Gateway 信息泄露漏洞

The Emerson WirelessHART Gateway is a wireless gateway from Emerson Corporation. An information disclosure vulnerability exists in Emerson WirelessHART Gateway, which stems from the ability to read global variables by allowing all users access, making it easy for affected products to disclose pee...

Emerson WirelessHART Gateway 命令注入漏洞

The Emerson WirelessHART Gateway is a wireless gateway from Emerson USA. A command injection vulnerability exists in Emerson WirelessHART Gateway that allows all users to access read global variables, and affected products are prone to disclosing peer usernames and passwords...

CVE-2021-30358

Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent...

CVE-2021-30358

Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent...

Design/Logic Flaw

Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent...

CVE-2021-30358

Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent...

GoAhead file upload vulnerability

GoAhead is an open source small embedded web server from Embedthis Software, U.S. GoAhead is vulnerable to a file upload vulnerability that stems from incomplete filter processing in the file upload filter. An attacker could exploit this vulnerability to import untrusted environment variables int...

CVE-2021-42342

An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts...

CVE-2021-42342

An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts...

GoAhead 代码问题漏洞

GoAhead is an open source small embedded web server from Embedthis Software, U.S. GoAhead is vulnerable to a file upload vulnerability that stems from incomplete filter processing in the file upload filter. An attacker could exploit this vulnerability to import untrusted environment variables int...