7629 matches found
CVE-2024-58257
CVE-2024-58257 affects Huawei EnzoH OS by a local, high-privilege OS command injection flaw that can yield arbitrary command execution. The CVSS metrics (NVD) indicate Local access, Low attack complexity, High privileges required, no user interaction, with impact to confidentiality, integrity, an...
CVE-2024-58257
EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...
CVE-2024-58256
CVE-2024-58256 concerns Huawei EnzoH, reporting an OS command injection vulnerability in the EnzoH operating system. Exploitation may lead to arbitrary command execution with high impact. Documents consistently describe the issue as OS command injection affecting EnzoH; however, concrete details ...
CVE-2024-58256
EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...
Mubit Powered BLUE 870 操作系统命令注入漏洞
Mubit Powered BLUE 870 is a DNS server from Mubit Japan. An operating system command injection vulnerability exists in Mubit Powered BLUE 870 version 0.20130927 and earlier, which stems from OS command injection and could lead to arbitrary command execution...
PT-2025-32341 · Enzoh · Enzoh
Name of the Vulnerable Software and Affected Versions: EnzoH affected versions not specified Description: EnzoH contains an OS command injection flaw. Successful exploitation of this flaw may lead to arbitrary command execution. Recommendations: At the moment, there is no information about a newe...
PT-2025-32343 · Enzoh · Enzoh
Name of the Vulnerable Software and Affected Versions: EnzoH affected versions not specified Description: EnzoH contains an OS command injection flaw. Successful exploitation may lead to arbitrary command execution. Recommendations: At the moment, there is no information about a newer version tha...
PT-2025-32342 · Enzoh · Enzoh
Name of the Vulnerable Software and Affected Versions: EnzoH affected versions not specified Description: EnzoH contains an OS command injection vulnerability. Successful exploitation of this issue may lead to arbitrary command execution. Recommendations: At the moment, there is no information...
Mobile Industrial Robots MiR Robots 安全漏洞
Mobile Industrial Robots MiR Robots is an autonomous mobile robot from Mobile Industrial Robots, Denmark. A security vulnerability exists in Mobile Industrial Robots MiR Robots versions prior to 3.0.0, which stems from susceptibility to a command injection attack that could result in the executio...
The vulnerability of the FortiMail email protection system and the FortiRecorder video surveillance device’s micro-programming software lies in the lack of measures to neutralize special elements, allowing intruders to execute arbitrary commands.
The vulnerability of the FortiMail email protection system and the FortiRecorder video surveillance device’s microprogramming software lies in the lack of measures to neutralize special elements. Exploiting this vulnerability allows a perpetrator to execute arbitrary commands...
CVE-2025-36604
Dell Unity, versions 5.5 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution...
CVE-2025-22469
The CVE-2025-22469 entry impacts SATO CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with firmware versions prior to 1.15.5-r1. The vulnerability is an OS command injection in the device’s system, exploitable by a remote attacker with non-administrative privileges to execute arbitrary commands. Th...
PT-2025-32148 · Unknown · Cl4/6Nx-J Plus +1
Name of the Vulnerable Software and Affected Versions: CL4/6NX Plus and CL4/6NX-J Plus Japan model versions prior to 1.15.5-r1 Description: An OS command injection issue exists that allows for the execution of arbitrary OS commands on the system with a certain non-administrative user privilege...
The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems allows a perpetrator to execute arbitrary commands.
The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability can allow attackers to execute arbitrary commands...
The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems allows a perpetrator to execute arbitrary commands.
The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability can allow attackers to execute arbitrary commands...
Jointelli 5G CPE 21H01 安全漏洞
The Jointelli 5G CPE 21H01 is a router from the Chinese company Jointelli. A security vulnerability exists in the Jointelli 5G CPE 21H01 JY21H01A3v1.36 version, which stems from the presence of OS command injection on multiple endpoints that could lead to the execution of arbitrary commands...
FIRSTNUM JC21A-04 安全漏洞
The FIRSTNUM JC21A-04 is a router from the Chinese company FIRSTNUM. A security vulnerability exists in the FIRSTNUM JC21A-04 version 2.01ME/FN and earlier, which originates from an arbitrary system command that can be executed via the xmlaction.cgi endpoint...
CVE-2013-10052
CVE-2013-10052 concerns ZPanel’s zsudo helper. A misconfiguration in /etc/sudoers lets low-privilege users run arbitrary commands as root, enabling local privilege escalation by writing a payload to a writable dir and executing it via zsudo. Documented impact includes post-exploitation scenarios ...
CVE-2013-10052 ZPanel zsudo Local Privilege Escalation
ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation for administrative tasks. However, when misconfigured in /etc/sudoers, zsudo can be invoked by low-privileged users to execute arbitrary commands as root. This flaw enables local attackers with shell...
CVE-2013-10052 ZPanel zsudo Local Privilege Escalation
ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation for administrative tasks. However, when misconfigured in /etc/sudoers, zsudo can be invoked by low-privileged users to execute arbitrary commands as root. This flaw enables local attackers with shell...