
7634 matches found

GitHub Security Blog
added 2024/01/11 4:32 p.m., 55 views

Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268)

Summary: Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. Details: The Home Preference page exposes a list of system settings such as Run Mode, Jwt Secret, Node Secret and Terminal Start Command. The...

8.8 CVSS | 8.2 AI score | 0.04088 EPSS
Exploits: 2 | References: 9 | Affected Software: 1
OSV
added 2024/01/11 4:32 p.m., 5 views

GHSA-8R25-68WM-JW35 Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268)

Summary: Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. Details: The Home Preference page exposes a list of system settings such as Run Mode, Jwt Secret, Node Secret and Terminal Start Command. The...

7.1 CVSS | 6.3 AI score | 0.04088 EPSS
Exploits: 2 | References: 9
CNNVD
added 2024/01/11 12:00 a.m., 3 views

Nginx UI Command Injection Vulnerability

Nginx UI is a WebUI for Nginx by Jacky Personal Developer. A command injection vulnerability exists in Nginx UI versions prior to 2.0.0.beta.9, which can be exploited by an attacker to execute arbitrary commands by modifying nginx settings...

8.8 CVSS | 8.1 AI score | 0.01537 EPSS
Exploits: 1 | References: 3
CNNVD
added 2024/01/11 12:00 a.m., 3 views

TOTOLINK A3300R Security Vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the pass parameter of the setTr069Cfg method failing to correctly filter construct command special...

9.8 CVSS | 7.8 AI score | 0.01654 EPSS
Exploits: 1 | References: 2
CNNVD
added 2024/01/11 12:00 a.m., 3 views

TOTOLINK A3300R Security Vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the username parameter of the setDdnsCfg method failing to correctly filter construct command special...

9.8 CVSS | 7.8 AI score | 0.01728 EPSS
Exploits: 1 | References: 2
CNNVD
added 2024/01/11 12:00 a.m., 1 view

Cisco Evolved Programmable Network Manager Security Vulnerability

Cisco Evolved Programmable Network Manager is a network management solution from Cisco. A security vulnerability exists in Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure, which stems from the existence of multiple vulnerabilities that could allow an attacker to...

6.7 CVSS | 7.3 AI score | 0.00175 EPSS
Exploits: 0 | References: 5
CNNVD
added 2024/01/11 12:00 a.m., 3 views

TOTOLINK A3700R Security Vulnerability

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK A3700R v9.1.2u.5822B20200513, which stems from the NTPSyncWithHost method failing to properly filter construct command special characters, commands, and so on. An...

9.8 CVSS | 7.8 AI score | 0.01668 EPSS
Exploits: 1 | References: 2
CNNVD
added 2024/01/11 12:00 a.m., 3 views

TOTOLINK EX1200T Security Vulnerability

TOTOLINK EX1200T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK EX1200T version V4.1.2cu.5232B20210713, which stems from the main method failing to properly filter construct command special characters, commands, and so on. An...

9.8 CVSS | 7.8 AI score | 0.01626 EPSS
Exploits: 1 | References: 2
CNNVD
added 2024/01/11 12:00 a.m., 2 views

TOTOLINK A3700R Security Vulnerability

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK A3700R v9.1.2u.5822B20200513, which stems from the setOpModeCfg method failing to correctly filter constructed command special characters, commands, and so on. An...

9.8 CVSS | 7.8 AI score | 0.01544 EPSS
Exploits: 1 | References: 2
CNNVD
added 2024/01/11 12:00 a.m., 3 views

TOTOLINK A3700R Security Vulnerability

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3700R v9.1.2u.5822B20200513 version, which stems from the UploadFirmwareFile method failing to correctly filter constructed command special characters,...

9.8 CVSS | 7.8 AI score | 0.01544 EPSS
Exploits: 1 | References: 2
CNNVD
added 2024/01/11 12:00 a.m., 5 views

TOTOLINK A3300R Security Vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the ip parameter of the setDmzCfg method failing to correctly filter constructed command special characters...

9.8 CVSS | 7.8 AI score | 0.017 EPSS
Exploits: 1 | References: 2
CNVD
added 2024/01/11 12:00 a.m., 6 views

TOTOLINK N200RE NTPSyncWithHost Function OS Command Injection Vulnerability

The TOTOLINK N200RE is a router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOLINK N200RE version 9.3.5u.6139B20201216, which stems from a failure to properly filter the hosttime parameter of the NTPSyncWithHost function on the...

9.8 CVSS | 7.4 AI score | 0.03834 EPSS
Exploits: 1 | References: 1
CNNVD
added 2024/01/11 12:00 a.m., 4 views

TOTOLINK A3700R Security Vulnerability

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK A3700R v9.1.2u.5822B20200513, which stems from the setTracerouteCfg method failing to correctly filter constructed command special characters, commands, and so on...

9.8 CVSS | 7.8 AI score | 0.01668 EPSS
Exploits: 1 | References: 2
CNNVD
added 2024/01/11 12:00 a.m., 3 views

TOTOLINK A3700R Security Vulnerability

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK A3700R version v9.1.2u.5822B20200513, which stems from the setDiagnosisCfg method failing to correctly filter constructed command special characters, commands, and...

9.8 CVSS | 7.8 AI score | 0.01668 EPSS
Exploits: 1 | References: 2
CNNVD
added 2024/01/11 12:00 a.m., 3 views

TOTOLINK A3300R Security Vulnerability

The TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the hostName parameter of the setWanCfg method failing to correctly filter the construct command specia...

9.8 CVSS | 7.8 AI score | 0.0164 EPSS
Exploits: 1 | References: 2
SUSE CVE
added 2024/01/10 2:41 a.m., 3 views

SUSE CVE-2023-35964

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability concerns decompression...

7.8 CVSS | 8 AI score | 0.01481 EPSS
Exploits: 1 | References: 3
CNNVD
added 2024/01/10 12:00 a.m., 2 views

Tenda AX1803 Security Vulnerability

Tenda AX1803 is a dual-band Gigabit WIFI6 router from Tenda China. A command injection vulnerability exists in the Tenda AX1803 v1.0.0.1, which stems from the fromAdvSetLanIp method failing to properly filter construct command special characters, commands, etc. The vulnerability can be exploited ...

9.8 CVSS | 8 AI score | 0.01894 EPSS
Exploits: 1 | References: 2
Vulnrichment
added 2024/01/10 12:00 a.m., 4 views

CVE-2023-51126

Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 Jan 2023 the FLIR AX8 should no longer be affected by the...

9.3 AI score | 0.31097 EPSS
Exploits: 1 | References: 1
OSV
added 2024/01/09 9:15 a.m., 1 view

CVE-2023-49236

A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci...

9.8 CVSS | 6.3 AI score | 0.01205 EPSS
Exploits: 1 | References: 2
NVD
added 2024/01/09 9:15 a.m., 37 views

CVE-2023-49236

A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci...

9.8 CVSS | 9.8 AI score | 0.01205 EPSS
Exploits: 1 | References: 2