7638 matches found
SUSE CVE-2023-5043
Ingress nginx annotation injection causes arbitrary command execution...
Tenda W18E Command Injection Vulnerability
The Tenda W18E is a wireless router from the Chinese company Tenda. Tenda W18E suffers from a command injection vulnerability, which originates from the hostName parameter in the formSetNetCheckTools function failing to correctly filter special characters, commands, etc. when constructing commands...
F5 BIG-IP Configuration utility SQL Injection Vulnerability
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. A SQL injection vulnerability exists in the F5 BIG-IP Configuration utility, which stems from the presence of a SQL injection...
Ingress nginx annotation injection causes arbitrary command execution
Issue Details: A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation on an Ingress object in the networking.k8s.io or extensions API group can be used to inject arbitrary commands, and obtain the credentials of the ingress-nginx...
CVE-2023-5043
Ingress nginx annotation injection causes arbitrary command execution...
CVE-2023-5043 Ingress nginx annotation injection causes arbitrary command execution
Ingress nginx annotation injection causes arbitrary command execution...
CVE-2023-5043
CVE-2023-5043 affects Kubernetes ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation injection allows a remote authenticated attacker to execute arbitrary commands on the system due to improper input validation. IBM’s bulletin associates this CVE with IBM Cloud Ku...
CVE-2023-46010
An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the adminsafe.php component...
Ingress NGINX Controller Injection Vulnerability
Ingress NGINX Controller is an open source ingress controller for Kubernetes. A security vulnerability exists in Ingress NGINX Controller. An attacker can exploit this vulnerability to execute arbitrary commands...
Tenda W18E Command Injection Vulnerability
The Tenda W18E is a wireless router from the Chinese company Tenda. Tenda W18E suffers from a command injection vulnerability, which originates from the hostName parameter in the formSetNetCheckTools function failing to correctly filter special characters, commands, etc. when constructing commands...
SeaCMS Security Vulnerability
SeaCMS is a free and open source web content management system written in PHP. The system is primarily designed to be used to manage video-on-demand resources. A security vulnerability exists in SeaCMS version v.12.9. An attacker can exploit this vulnerability to execute arbitrary commands via th...
NetModule Router Software Operating System Command Injection Vulnerability
NetModule Router Software is a router from NetModule. A security vulnerability exists in NetModule Router Software NRSW versions 4.6.x prior to 4.6.0.106 and 4.8.x prior to 4.8.0.101, which originates from the construction of operating system commands using unsanitized user input, and which can be...
CVE-2023-40145
In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device...
CVE-2023-40145
CVE-2023-40145 is an OS Command Injection in Weintek cMT3000 HMI Web CGI (cgi-bin area). The vulnerability allows an anonymous attacker, after login, to execute arbitrary commands on affected devices. The issue is classified under CWE-78 (OS Command Injection) and is part of a pair of flaws affec...
FreshTomato Command Execution Vulnerability
FreshTomato is a Linux-based open source firmware from FreshTomato Open Source. The firmware provides a variety of features for Broadcom-based routers. A command execution vulnerability exists in FreshTomato version 2023.3, which stems from the application failing to properly filter construct...
PT-2023-22551 · Unknown · Ixp Easyinstall
Name of the Vulnerable Software and Affected Versions: IXP EasyInstall version 6.6.14884.0. Description: An issue in IXP EasyInstall allows attackers to run arbitrary commands, gain escalated privilege, and cause other unspecified impacts via unauthenticated API calls. Recommendations: For IXP...
CVE-2023-30131
CVE-2023-30131 affects IXP EasyInstall 6.6.14884.0. The issue allows attackers to run arbitrary commands and escalate privileges via unauthenticated API calls, with the NVD entry noting a high-impact remote code execution potential (CVSS v3.1: 9.8). Connected sources consistently describe command...