
7638 matches found

ATTACKERKB
added 2022/02/03 12:0 a.m. | 4 views

CVE-2022-20710

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code; elevate privileges; execute arbitrary commands; bypass authentication and authorization protections; fetch and run unsigned softwa...

CVSS 10 | AI score 6.5 | EPSS 0.02338
Exploits: 0 | References: 2

BDU FSTEC
added 2022/02/01 12:0 a.m. | 2 views

The vulnerability of the cleanup.exe executable of the McAfee Agent antivirus software allows a malicious actor to execute arbitrary commands.

The vulnerability of the cleanup.exe executable of the McAfee Agent antivirus software is related to inadequate code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

CVSS 7.7 | AI score 7.6 | EPSS 0.01016
Exploits: 0 | References: 3 | Affected Software: 1

OpenVAS
added 2022/01/28 12:0 a.m. | 20 views

Mageia: Security Advisory (MGASA-2014-0202)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.6 | AI score 6.6 | EPSS 0.041
Exploits: 0 | References: 5

OpenVAS
added 2022/01/28 12:0 a.m. | 24 views

Mageia: Security Advisory (MGASA-2018-0089)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7.7 | EPSS 0.08944
Exploits: 0 | References: 4

Snyk
added 2022/01/27 3:9 p.m. | 2 views

Exposed Dangerous Method or Function

Overview guake is a Guake Terminal Affected versions of this package are vulnerable to Exposed Dangerous Method or Function due to the exposure of executecommand and executecommandbyuuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via...

CVSS 8 | AI score 6.8 | EPSS 0.01113
Exploits: 1 | References: 2

PyPA
added 2022/01/26 10:15 p.m. | 7 views

PYSEC-2022-17

Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...

CVSS 9 | AI score 7.1 | EPSS 0.0765
Exploits: 1 | References: 5 | Affected Software: 1

CNNVD
added 2022/01/26 12:0 a.m. | 4 views

Reolink Rlc-410W Operating System Command Injection Vulnerability

Reolink Rlc-410W is a Wifi security camera from Reolink China. A command injection vulnerability exists in Reolink RLC-410W version v3.0.0.13620121102, which stems from the failure of the network system or product to properly filter special characters, commands, etc., during the execution of...

CVSS 9.8 | AI score 6.2 | EPSS 0.03657
Exploits: 1 | References: 4

CNNVD
added 2022/01/26 12:0 a.m. | 4 views

Moxa Tn-5900 Command Injection Vulnerability

Moxa Tn-5900 is a series of En50155 wall-mounted routers from Moxa, China. A command injection vulnerability exists in Moxa TN-5900, which is caused when the network system or product fails to properly filter special characters, commands, etc. during the execution of commands entered by the user. ...

CVSS 9.8 | AI score 6.2 | EPSS 0.03586
Exploits: 2 | References: 3

BDU FSTEC
added 2022/01/25 12:0 a.m. | 2 views

The vulnerability of NETGEAR’s Wi-Fi routers—CBR750, RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850—is related to insufficient cleaning of input data, allowing attackers to execute arbitrary commands.

The vulnerability of the built-in Wi-Fi router software of NETGEAR models CBR750, RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850 lies in insufficient cleaning of input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

CVSS 9.6 | AI score 8 | EPSS 0.00833
Exploits: 0 | References: 3 | Affected Software: 7

BDU FSTEC
added 2022/01/25 12:0 a.m. | 2 views

The vulnerability of the built-in software on NETGEAR Wi-Fi routers such as D7000v2, D8500, R7000, R7100LG, R7900, R8000, XR300, R7000P, R8500, R6900P, and R8300 lies in the lack of measures to sanitize input data. This allows a perpetrator to execute arbitrary commands.

The vulnerability of NETGEAR Wi-Fi router software models such as D7000v2, D8500, R7000, R7100LG, R7900, R8000, XR300, R7000P, R8500, R6900P, and R8300 lies in the lack of measures to protect input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVSS 9.6 | AI score 8.1 | EPSS 0.01687
Exploits: 0 | References: 3 | Affected Software: 11

BDU FSTEC
added 2022/01/25 12:0 a.m. | 4 views

The vulnerability of NETGEAR’s Wi-Fi router software, including models RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, arises from insufficient cleaning of input data. This allows attackers to execute arbitrary commands.

The vulnerability of NETGEAR Wi-Fi router microprogramming systems, such as RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, is related to insufficient cleaning of input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

CVSS 9.6 | AI score 8 | EPSS 0.00833
Exploits: 0 | References: 3 | Affected Software: 7

BDU FSTEC
added 2022/01/25 12:0 a.m. | 1 views

The vulnerability of the built-in software on NETGEAR Wi-Fi routers such as CBR40, CBR750, EAX20, EAX80, EX3700, EX3800, EX6120, EX6130, EX7000, EX7500, LAX20, MR60, MS60, R6300v2, R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7100LG, R7850, R7900, R7900P, R7960P, R8000, R8000P, R8300, R8500, RAX15, RAX20, RAX200, RAX35v2, RAX40v2, RAX43, RAX45, RAX50, RAX75, RAX80, RBK752, RBK852, RBR750, RBR850, RBR850, RBS750, RBS850, RBS850, RS400, XR1000, XR300 is related to insufficient cleaning of input data, allowing attackers to execute arbitrary commands.

The vulnerability of the built-in software on NETGEAR Wi-Fi routers such as CBR40, CBR750, EAX20, EAX80, EX3700, EX3800, EX6120, EX6130, EX7000, EX7500, LAX20, MR60, MS60, R6300v2, R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7100LG, R7850, R7900, R7900P, R7960P, R8000, R8000P, R8300, R8500,...

CVSS 9.6 | AI score 8.1 | EPSS 0.0202
Exploits: 0 | References: 3 | Affected Software: 48

BDU FSTEC
added 2022/01/25 12:0 a.m. | 5 views

The vulnerability of the RBR50 router software, the RBS50 router software, and the RBK50 router software relates to the disclosure of protected information, allowing a perpetrator to execute arbitrary commands and gain access to protected information.

The vulnerabilities of the RBR50 router software, the RBS50 router software, and the RBK50 router software are related to the disclosure of protected information. Exploiting these vulnerabilities can allow an attacker to execute arbitrary commands and gain access to protected information...

CVSS 7.4 | AI score 7.6 | EPSS 0.00609
Exploits: 0 | References: 3 | Affected Software: 3

NVD
added 2022/01/24 6:15 p.m. | 13 views

CVE-2021-41659

SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field...

CVSS 9.8 | EPSS 0.01254
Exploits: 1 | References: 1

Tenable Nessus
added 2022/01/24 12:0 a.m. | 31 views

GLSA-202105-26 : SpamAssassin: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-202105-26 SpamAssassin: Arbitrary command execution It was discovered that SpamAssassin incorrectly handled certain CF files. Impact : A remote attacker could entice a user or automated system to process a specially crafted CF fil...

CVSS 10 | AI score 7.8 | EPSS 0.06132
Exploits: 0 | References: 2

CNNVD
added 2022/01/20 12:0 a.m. | 5 views

Lexmark Command Injection Vulnerability

Lexmark is a series of printers in the U.S. A command injection vulnerability exists in Lexmark, which stems from the failure of a network system or product to properly filter special characters, commands, etc. during the execution of commands entered by a user into the construct. An attacker cou...

CVSS 10 | AI score 6.2 | EPSS 0.07702
Exploits: 0 | References: 6

Cisco
added 2022/01/19 4:0 p.m. | 22 views

Cisco Redundancy Configuration Manager for Cisco StarOS Software Multiple Vulnerabilities

Multiple vulnerabilities in Cisco Redundancy Configuration Manager RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to disclose sensitive information or execute arbitrary commands as the root user in the context of the configured container. For more information about...

CVSS 9 | AI score 7.2 | EPSS 0.11636
Exploits: 0 | References: 1

Prion
added 2022/01/12 8:15 p.m. | 14 views

Design/Logic Flaw

An issue was discovered in CALDERA 2.8.1. It contains multiple startup "requirements" that execute commands when starting the server. Because these commands can be changed via the REST API, an authenticated user can insert arbitrary commands that will execute when the server is restarted...

CVSS 6.5 | AI score 8.7 | EPSS 0.01957
Exploits: 3 | References: 2 | Affected Software: 1

CVE
added 2022/01/12 7:11 p.m. | 50 views

CVE-2021-42559

CVE-2021-42559 : CALDERA 2.8.1 and earlier contains multiple startup “requirements” that execute commands when starting the server. The commands can be modified via the REST API, allowing an authenticated user to insert arbitrary commands that will execute on restart. This is a command-injection ...

CVSS 8.8 | AI score 8.8 | EPSS 0.01957
Exploits: 3 | References: 2 | Affected Software: 1

EUVD
added 2022/01/12 6:52 p.m. | 14 views

EUVD-2021-29529

An issue was discovered in CALDERA 2.8.1. When activated, the Human plugin passes the unsanitized name parameter to a python "os.system" function. This allows attackers to use shell metacharacters e.g., backticks "" or dollar parenthesis "$" in order to escape the current command and execute...

CVSS 9 | AI score 8.9 | EPSS 0.19572
Exploits: 2 | References: 2