8 matches found
CVE-2021-37146
An infinite loop in Open Robotics roscomm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through1.15.11 allows remote attackers to cause a Denial of Service in roscomm via a crafted XMLRPC call...
The vulnerability of the XMLRPC API interface of the Movable Type content management system allows attackers to execute arbitrary commands.
The vulnerability of the XMLRPC API interface of the Movable Type content management system is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
CVE-2022-24333
In JetBrains TeamCity before 2021.2, blind SSRF via an XML-RPC call was possible...
VulnCheck KEV: CVE-2018-9866
A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System GMS virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier...
DEBIAN-CVE-2017-11610
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups...
CVE-2017-8056
WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity XXE, in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new...
WatchGuard Fireware XML-RPC External Entity Extension Denial of Service Vulnerability
The full name of XML-RPC is XML Remote Procedure Call, that is, XML a subset under Standard Generalized Markup Language remote procedure call. An external entity extension denial of service vulnerability exists in WatchGuard Fireware XML-RPC, which can be exploited by an attacker to crash the...
Cisco TelePresence System Software Command Execution
According to the self-reported device name of the remote device, it may be a Cisco TelePresence System device. Nessus cannot determine the version of the software running on this device, but it may be affected by a vulnerability that could allow an unauthorized user to execute arbitrary commands...