13 matches found
EUVD-2021-21865
Malware in sbrugna...
CVE-2021-35222
This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution RCE from the Alerts Settings page...
CVE-2021-35221
Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution RCE from the Alerts Settings page...
Remote code execution
This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution RCE from the Alerts Settings page...
Improper access control
Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution RCE from the Alerts Settings page...
CVE-2021-35220
Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution RCE from the Alerts Settings page...
CVE-2021-35220
Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution RCE from the Alerts Settings page...
CVE-2021-35219
ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page...
CVE-2021-35222
CVE-2021-35222 affects SolarWinds Orion Platform; the vulnerability is described as enabling attackers to impersonate users and perform arbitrary actions resulting in Remote Code Execution (RCE) from the Alerts Settings page. The connected documents corroborate the RCE/Risk association for this C...
CVE-2021-35220 EmailWebPage Command Injection RCE
Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution RCE from the Alerts Settings page...
CVE-2021-35220
SolarWinds Orion Platform 2020.2.0 before 2020.2.6 HF1 is affected by CVE-2021-35220 (EmailWebPage API command injection). An authenticated remote attacker could exploit this via the Alerts Settings page to achieve Remote Code Execution. Remediation: upgrade to 2020.2.6 HF1 or later; apply vendor...
CVE-2021-35219 ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability
ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page...
CVE-2021-35219
SolarWinds Orion Platform prior to 2020.2.6 HF1 is affected by CVE-2021-35219: ExportToPdfCmd Arbitrary File Read via the ImportAlert function in the Alerts Settings page. The vulnerability allows an authenticated, remote attacker to read arbitrary files. Remediation is to upgrade to 2020.2.6 HF1...