7636 matches found
GHSA-4V9W-PVWR-38H3 OS Command Injection in strong-nginx-controller
strong-nginx-controller through 1.0.2 is vulnerable to Command Injection. It allows execution of arbitrary command as part of the 'nginxCmd' function...
The vulnerability of the do_activate() function in the mgetty package allows a hacker to execute arbitrary commands.
The vulnerability of the doactivate function in the mgetty package is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands using symbols like ||, &&, or...
CVE-2022-23329
A vulnerability in $"freemarker.template.utility.Execute"?new of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files...
CVE-2022-23329
A vulnerability in $"freemarker.template.utility.Execute"?new of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files...
CVE-2022-23329
A vulnerability in $"freemarker.template.utility.Execute"?new of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files...
CVE-2022-24148
Tenda AX3 v16.03.12.10CN was discovered to contain a command injection vulnerability in the function mDMZSetCfg. This vulnerability allows attackers to execute arbitrary commands via the dmzIp parameter...
Jspxcms 代码问题漏洞
UJCMS Jspxcms is a scalable enterprise-class open source web content management system CMS from China's BlueIntelligence Technology Corporation. A code issue vulnerability exists in Jspxcms, which stems from a vulnerability in $freemarker.template.utility.Execute?new in UJCMS Jspxcms v10.2.0 that...
D-Link Dir-823-Pro 命令注入漏洞
D-Link Dir-823-Pro is a dual-band smart wireless router from China Youxun D-Link. D-Link DIR-823-Pro v1.0.2 contains a command injection vulnerability, which can be exploited by attackers to execute arbitrary commands via the stationaccessenable parameter...
D-Link Dir-823-Pro 命令注入漏洞
D-Link Dir-823-Pro is a dual-band smart wireless router from China Youxun D-Link. D-Link DIR-823-Pro 1.0.2 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the tomographypingaddress, tomographypingnumber, tomographypingsize,...
D-Link Di-7200G 命令注入漏洞
D-Link Di-7200G is a gigabit enterprise router from China Youxun D-Link. D-Link DI-7200GV2.E1 v21.04.09E1 is vulnerable to a command injection vulnerability, which can be exploited by attackers to execute arbitrary commands via the time parameter...
D-Link Di-7200G 命令注入漏洞
D-Link Di-7200G is a gigabit enterprise router from D-Link, China.D-Link DI-7200GV2.E1 v21.04.09E1 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the url parameter...
D-Link DIR-882 命令注入漏洞
D-Link DIR-882 is a wireless router from D-Link Taiwan, China. The D-Link DIR-882 suffers from an operating system command injection vulnerability, which can be exploited by attackers to execute arbitrary commands via crafted HNAP1 POST requests...
D-Link Di-7200G 命令注入漏洞
D-Link Di-7200G is a gigabit enterprise router from China Youxun D-Link. D-Link DI-7200GV2.E1 v21.04.09E1 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the cmd parameter...
D-Link Dir-823-Pro 命令注入漏洞
D-Link Dir-823-Pro is a dual-band smart wireless router from China Youxun D-Link. D-Link DIR-823-Pro v1.0.2 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the wl0. 0 maclist parameter to execute arbitrary commands...
D-Link DIR-882 命令注入漏洞
The D-Link DIR-882 is a gigabit enterprise router from China Youxun D-Link. The D-Link DIR-882 suffers from a command injection vulnerability, which can be exploited by attackers to execute arbitrary commands via crafted HNAP1 POST requests...
Cisco Small Business 缓冲区错误漏洞
Cisco Small Business is a switch from Cisco USA. A buffer error vulnerability exists in the Cisco Small Business RV Series Routers that stems from insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by sending malicious input to an affected device...
Cisco Small Business 缓冲区错误漏洞
Cisco Small Business is a switch from Cisco USA. A buffer error vulnerability exists in the Cisco Small Business RV Series Routers that results from an insufficient authorization enforcement mechanism. An attacker can exploit these vulnerabilities by submitting specific commands to the affected...
Cisco Small Business 操作系统命令注入漏洞
Cisco Small Business is a switch from Cisco USA. An operating system command injection vulnerability exists in the Cisco Small Business RV Series Routers that stems from insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by sending malicious input to a...
CVE-2022-20710
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...
The vulnerability of the cleanup.exe executable of the McAfee Agent antivirus software allows a malicious actor to execute arbitrary commands.
The vulnerability of the cleanup.exe executable of the McAfee Agent antivirus software is related to inadequate code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary commands...