D-Link DI-8100G upgrade_filter.asp Command Injection Vulnerability
D-Link DI-8100G is a broadband router designed for small and medium-sized network environments, supporting multi-line bandwidth overlay, PPPoE/WEB authentication billing, intelligent traffic control, Internet behavior management and other functions. The D-Link DI-8100G suffers from a command...
The vulnerability of the Python interpreter of the Cisco NX-OS operating system for Cisco Nexus switches allows a hacker to execute arbitrary commands.
The vulnerability of the Python interpreter in the Cisco NX-OS operating system of Cisco Nexus switches is related to a breach in the data protection mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary commands...
CVE-2024-45498
Example DAG: example_inlet_event_extra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs - please review if you have not copied the...
Arbitrary Command Execution
push-dir is vulnerable to Arbitrary Command Execution. The vulnerability is due to the lack of validation for arguments provided in the "opt.branch" variable before being passed to the "git" command, allowing an attacker to inject arbitrary commands...
D-Link DI-8100G Security Vulnerability
D-Link DI-8100G is a broadband router designed for small and medium-sized network environments, supporting multi-line bandwidth overlay, PPPoE/WEB authentication billing, intelligent traffic control, Internet behavior management and other functions. The D-Link DI-8100G suffers from a command...
PT-2024-31664 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow version 2.10.0 Description: The issue allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. This is related to the example DAG example_inlet_event_extra.py shipped with Apache Airflow...
camera-pi Security Vulnerability
camera-pi is a camera module by individual developer Michael Horne. A security vulnerability exists in camera-pi version 1.0, which stems from the mishandling of user input passed to the position GET parameter in the tilt.php script, which could allow an attacker to execute arbitrary commands by...
CVE-2024-43774
The CVE concerns Easytest Online Test Platform (versions 24E01 and earlier). The vulnerability is a SQL injection in the download personal learning course function, exploitable via the uid parameter. A remote authenticated attacker could execute arbitrary SQL commands, with potential impact on co...
EMC AlphaStor Device Manager Arbitrary Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'EMC AlphaStor Device Manager Arbitrary Command Execution', 'Description' = %q EMC AlphaStor Device Manager is prone to a remote command-injection...
CVE-2024-44916
Vulnerability in adminip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution...
FIWARE Keyrock Operating System Command Injection Vulnerability
FIWARE Keyrock is a FIWARE open source component responsible for identity management. An operating system command injection vulnerability exists in FIWARE Keyrock 8.4 and earlier versions, which stems from the function generateappcertificates in lib/appcertificates.js not being properly...
FIWARE Keyrock OS Command Injection Vulnerability (CNVD-2024-37459)
FIWARE Keyrock is a FIWARE open source component responsible for identity management. An operating system command injection vulnerability exists in FIWARE Keyrock version 8.4 and earlier, which stems from the function generateappcertificates in controllers/saml2/saml2.js not being properly...
CVE-2024-34195
TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. This oversight leads to potential buffer overflow under specific...
Cisco NX-OS Software Security Vulnerability
Cisco NX-OS Software is a suite of data center-grade operating system software used by switches from Cisco USA. A security vulnerability exists in Cisco NX-OS Software that originates from insufficient validation of user-supplied input. An attacker could exploit the vulnerability to execute...
CVE-2024-34195
The CVE affects TOTOLINK AC1200 Wireless Router A3002R with firmware 1.1.1-B20200824. The vulnerability resides in the boa server CGI function formWlEncrypt, where the wlan_ssid input lacks length validation, enabling a buffer overflow under certain conditions. Attackers can trigger the overflow ...
PT-2024-6116 · Cisco · Cisco Nx-Os +1
Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to execute arbitrary commands on the underlying operating system...