Geutebruck Remote Command Execution Exploit

This Metasploit module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder and exploits multiple authenticated arbitrary command execution vulnerabilities within the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and...

Design/Logic Flaw

OpenMage Magento LTS is an alternative to the Magento CE official releases. Prior to versions 19.4.15 and 20.0.11, layout XML enabled admin users to execute arbitrary commands via block methods. The latest OpenMage Versions up from v19.4.15 and v20.0.11 have this Issue patched...

CVE-2021-21869

An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

Deserialization of untrusted data

An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

CVE-2021-21869

CVE-2021-21869 affects CODESYS Development System 3.5.16 and 3.5.17. The unsafe deserialization occurs in Engine.plugin ProfileInformation ProfileData, where a crafted profile file leverages BinaryFormatter.Deserialize to execute arbitrary code. TALOS details show the deserialization occurs in Pr...

CVE-2021-21869

An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

The vulnerability of the commercial vBulletin web forum exists due to the lack of measures to neutralize special elements, allowing attackers to execute arbitrary commands.

The vulnerability of the commercial forum engine vBulletin exists due to the failure to address the issue of eliminating specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using the ajax/render/widgettabbedcontainertabpanel request...

CVE-2021-21868

An unsafe deserialization vulnerability exists in the ObjectManager.plugin Project.getMissingTypes functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

CVE-2021-21867

An unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream.ProfileByteArray functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigge...

Deserialization of untrusted data

An unsafe deserialization vulnerability exists in the ObjectManager.plugin Project.getMissingTypes functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

CVE-2021-21868

An unsafe deserialization vulnerability exists in the ObjectManager.plugin Project.getMissingTypes functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

CVE-2021-21868

CVE-2021-21868 affects CODESYS Development System 3.5.16 and 3.5.17. The root cause is an unsafe deserialization in ObjectManager.plugin GetMissingTypesFromAuxStream() that uses BinaryFormatter on untrusted data, enabling arbitrary code execution when a project auxiliary file (MissingTypeInformat...

CVE-2021-21867

CODESYS Development System versions 3.5.16 and 3.5.17 contain an unsafe deserialization vulnerability in ObjectManager.plugin ObjectStream.ProfileByteArray. The ProfileByteArray setter uses BinaryFormatter.Deserialize on untrusted input, enabling a crafted project file to execute arbitrary comman...

Github diez 命令注入漏洞

Github diez is an open source developer toolkit for building and maintaining design tokens at scale. Github diez suffers from a command injection vulnerability that arises from a networked system or product that does not properly filter special characters, commands, etc. from external input data...

CVE-2021-35395

Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both of them are affect...

Stack overflow

Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both of them are affect...

CVE-2021-35395

Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both of them are affect...

CVE-2021-35395

Realtek Jungle SDK (Realtek AP-Router/IoT SDK) CVE-2021-35395 enables multiple stack-buffer overflows and command-injection flaws in the HTTP web server management interface (Go-Ahead webs and Boa-based). Affected forms include reboot, WSC/auth, WLANMultiAP, SiteSurvey, StaticDHCP, and peerPin-ba...

UBUNTU-CVE-2021-23422

This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output...

D-Link DSL-2750U 操作系统命令注入漏洞

The D-Link DSL-2750U is a wireless N 300 ADSL2 modem router. an OS command injection vulnerability exists in the D-Link DSL-2750U ME1.16 and earlier versions. An attacker could exploit this vulnerability in combination with other vulnerabilities to execute arbitrary OS commands...