PT-2023-3349 · Fortinet · Fortiadc

Name of the Vulnerable Software and Affected Versions: FortiADC versions 6.0 through 7.1.0 Description: The issue is related to an improper neutralization of special elements used in an OS command, which may allow a local and authenticated attacker to execute unauthorized commands via specificall...

CVE-2023-33443

Affected software: BES--6024PB-I50H1 VideoPlayTool 2.0.1.0. Vulnerability: Incorrect access control in the administrative functionalities. Impact: attacker can execute arbitrary administrative commands via a crafted payload sent to the endpoints. Root cause: improper access control checks in the ...

CVE-2023-30400

An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...

CVE-2023-30400

An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...

CVE-2022-25834

In Percona XtraBackup PXB through 2.2.24 and 3.x through 8.0.27-19, a crafted filename on the local file system could trigger unexpected command shell execution of arbitrary commands...

CVE-2022-25834

In Percona XtraBackup PXB through 2.2.24 and 3.x through 8.0.27-19, a crafted filename on the local file system could trigger unexpected command shell execution of arbitrary commands...

Command injection

An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...

CVE-2023-30400

CVE-2023-30400 affects Anyka Microelectronics AK3918EV300 MCU v18. The issue is a command injection in the MCU’s network configuration script, enabling arbitrary command execution when a crafted wifi SSID or password is processed. CVSS 3.1 base score 9.8 (CRITICAL) with network attack vector, low...

CVE-2023-30400

An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...

PT-2023-22672 · Anyka Microelectronics · Ak3918Ev300

Name of the Vulnerable Software and Affected Versions: Anyka Microelectronics AK3918EV300 MCU version 18 Description: An issue was discovered in the network configuration script within the MCU's operating system, allowing attackers to perform arbitrary command execution via a crafted wifi SSID or...

CVE-2023-30400

An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows a hacker to execute arbitrary commands.

The vulnerability of the web interface for managing microprogrammed software routers from Cisco Small Business, models RV016, RV042, RV042G, RV082, RV320, and RV325, is related to insufficient validation of input data during HTTP packet processing. Exploiting this vulnerability allows a malicious...

CVE-2023-21670

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode...

Memory corruption

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode...

CVE-2023-21670 Improper Access control in GPU Subsystem

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode...

CVE-2023-21670 Improper Access control in GPU Subsystem

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode...

CVE-2023-21670

CVE-2023-21670 describes memory corruption in the Qualcomm GPU subsystem caused by arbitrary command execution from the GPU when operating in privileged mode. The CVE is documented with a HIGH impact (confidentiality, integrity, and availability) and a LOCAL attack vector with LOW complexity and ...

The vulnerability of Juniper Networks’ Junos OS Evolved operating system, related to deficiencies in authentication procedures, allows attackers to execute arbitrary commands.

The vulnerability of Juniper Networks’ Junos OS Evolved operating system is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to execute arbitrary commands using the sysmanctl command...

The vulnerability of the command-line interface (CLI) of the Cisco Email Security Appliance allows a perpetrator to execute arbitrary commands.

The vulnerability of the command-line interface CLI of the Cisco Email Security Appliance relates to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability can allow an attacker to execute arbitrary commands...

CVE-2023-29154

SQL injection vulnerability exists in the CONPROSYS HMI System CHS versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQL command via specially crafted input to the query setting page...