IBM Planning Analytics 注入漏洞

IBM Planning Analytics is a business planning and analysis solution from IBM Corporation. The solution supports automated execution of business planning, budgeting, and analysis processes.IBM Planning Analytics has a security vulnerability that stems from incorrect validation of csv file content...

CloudLinux Inc Imunify360 Ai-Bolit php unserialize vulnerability

Summary A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360 5.8 and 5.9. A specially-crafted malformed file can lead to potential arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions...

Lantronix PremierWave 2050 OS Command Injection Vulnerability

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by attackers to cause arbitrary command execution...

Lantronix PremierWave 2050 OS Command Injection Vulnerability (CNVD-2022-04977)

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by attackers to cause arbitrary command execution...

Lantronix PremierWave 2050 OS Command Injection Vulnerability (CNVD-2022-01599)

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 in version 8.9.0.0R4 contains a security vulnerability that originates when the Web Manager wireless network scanner feature fails to properly filter special characters,...

Lantronix PremierWave 2050 OS Command Injection Vulnerability

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 in version 8.9.0.0R4 is vulnerable to OS command injection, which stems from a Web Manager Diagnostics:Ping feature that fails to properly filter special characters, commands,...

Lantronix PremierWave 2050 OS Command Injection Vulnerability (CNVD-2022-04980)

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by attackers to cause arbitrary command execution...

The vulnerability of the CGI interface of the ZyWALL VPN2S microprogramming network interface devices allows a intruder to execute arbitrary commands.

The vulnerability of the Common Gateway Interface CGI interface of the ZyWALL VPN2S microprogramming network interface devices is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability can allow a hacker to execute...

Lantronix PremierWave 2050 操作系统命令注入漏洞

The Lantronix PremierWave 2050 is an embedded Wi-Fi module manufactured by Lantronix. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution in the "EC keypasswd" parameter wit...

Lantronix PremierWave 2050 操作系统命令注入漏洞

The PremierWave 2050 is an embedded Wi-Fi module manufactured by Lantronix.The Web Manager SslGenerateCSR feature of the Lantronix PremierWave 2050 8.9.0.0R4 is vulnerable to OS command injection, which can be exploited by attackers to cause arbitrary command execution with the help of specially...

Lantronix PremierWave 2050 Web Manager FsUnmount OS command injection vulnerability

Summary An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. Test...

Lantronix PremierWave 操作系统命令注入漏洞

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by attackers to cause arbitrary command execution...

The vulnerability in the built-in RDoc documentation generator for the Ruby programming language allows a perpetrator to execute arbitrary commands.

The vulnerability of the RDoc documentation generator for the Ruby programming language is related to the lack of measures taken to clean up data at the control level. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

The vulnerability of the command-line interface (CLI) of Cisco Firepower Threat Defense (FTD) microprogramming system allows a attacker to execute arbitrary commands.

The vulnerability of the command-line interface CLI of Cisco Firepower Threat Defense FTD microprogramming systems lies in insufficient checking of command arguments. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

Cisco Catalyst Passive Optical Network Series Switches 操作系统命令注入漏洞

Cisco Catalyst Passive Optical Network Series Switches Catalyst Pon Series Switches is a series of high-performance, simple and easy-to-maintain switches from Cisco. Used to provide competitive network solutions. An operating system command injection vulnerability exists in Cisco Catalyst Passive...

CVE-2021-34755

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory...

CVE-2011-2195

WebSVN 2.3.2 contains an unauthenticated OS command injection when allowDownload is enabled in config.php. An attacker can call the dl.php script with a well-formed path argument to execute arbitrary commands on the underlying OS. The issue is triggered without prior authentication and is tied to...

VulnCheck KEV: CVE-2021-26605

An improper input validation vulnerability in the service of ezPDFReader allows attacker to execute arbitrary command. This issue occurred when the ezPDF launcher received and executed crafted input values through JSON-RPC communication...

GHSA-VW27-FWJF-5QXM Arbitrary command execution on Windows via qutebrowserurl: URL handler

Impact Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers it as a handler for certain URL schemes. With some applications such as Outlook Desktop, opening a specially crafted URL can lead to argument injection, allowing execution of qutebrowser commands, which in tu...

Arbitrary Command Execution

qutebrowser is vulnerable to arbitrary command execution. An attacker is able to execute commands such as :spawn or :debug-pyeval on the host OS via a specially crafted URL leading to argument injection. The vulnerability exists on windows installations where qutebrowser is registered as a URL...