Lucene search
K

33 matches found

CVE
CVE
added 2020/04/14 1:48 p.m.61 views

CVE-2020-5738

The CVE-2020-5738 entry concerns Grandstream GXP1600 series firmware 1.0.4.152 and earlier. Affects the device via the HTTP endpoint /cgi-bin/upload_vpntar, where an attacker must be authenticated to upload a specially crafted tar file, leading to remote command execution on the affected system. ...

9CVSS8.7AI score0.05424EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/02/10 5:29 p.m.18 views

Command injection

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution...

6.5CVSS8.8AI score0.02237EPSS
Exploits0References1Affected Software29
OSV
OSV
added 2019/02/10 5:29 p.m.3 views

CVE-2018-20767

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution...

8.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2019/02/10 5:29 p.m.16 views

CVE-2018-20767

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution...

8.8CVSS8.9AI score0.02237EPSS
Exploits0References1
OSV
OSV
added 2019/01/09 12:29 a.m.3 views

CVE-2018-20674

D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A before v1.21B08Beta, DIR-850L B before v2.22B03Beta, and DIR-880L A before v1.20B02Beta devices allow authenticated remote command execution...

8.8CVSS5.8AI score0.02534EPSS
Exploits0References1
Prion
Prion
added 2019/01/09 12:29 a.m.17 views

Command injection

D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A before v1.21B08Beta, DIR-850L B before v2.22B03Beta, and DIR-880L A before v1.20B02Beta devices allow authenticated remote command execution...

6.5CVSS8.8AI score0.02534EPSS
Exploits0References1Affected Software4
NVD
NVD
added 2019/01/09 12:29 a.m.17 views

CVE-2018-20674

D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A before v1.21B08Beta, DIR-850L B before v2.22B03Beta, and DIR-880L A before v1.20B02Beta devices allow authenticated remote command execution...

8.8CVSS8.9AI score0.02534EPSS
Exploits0References1
NVD
NVD
added 2018/08/27 3:29 p.m.25 views

CVE-2018-15887

MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request...

8.8CVSS9.1AI score0.03747EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/08/27 12:0 a.m.70 views

CVE-2018-15887

MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request. Recent assessments:...

8.8CVSS7.9AI score0.03747EPSS
In wildExploits1References2
0day.today
0day.today
added 2016/07/29 12:0 a.m.88 views

AXIS Multiple Products - Authenticated Remote Command Execution via devtools Vector

Exploit for linux platform in category web applications Advisory Information ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + Title: AXIS Multiple Products Authenticated Remote Command Execution via devtools vector + Vendor: AXIS Communications + Research and Advisory: Orwelllabs ...

9CVSS0.4AI score0.17687EPSS
Exploits5
Packet Storm
Packet Storm
added 2016/07/28 12:0 a.m.110 views

AXIS Authenticated Remote Command Execution

/ \ / \ / \ / \ / \ / \ / \ / \ / \ / \ 0 | R | W | 3 | L | L | L | 4 | 8 | 5 / / / / / / / / / / www.orwelllabs.com security advisory olsa-2015-8257 PGP: 79A6CCC0 Advisory Information ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + Title: AXIS Multiple Products...

0.5AI score0.17687EPSS
Exploits5
Metasploit
Metasploit
added 2016/05/30 12:40 a.m.120 views

IPFire Bash Environment Variable Injection (Shellshock)

IPFire, a free linux based open source firewall distribution, version 'IPFire Bash Environment Variable Injection Shellshock', 'Description' = %q IPFire, a free linux based open source firewall distribution, version 'h00die ', module 'Claudio Viviani' discovery , 'References' = 'EDB', '34839' ,...

9.8CVSS9.9AI score0.99999EPSS
Exploits131
securityvulns
securityvulns
added 2015/07/14 12:0 a.m.64 views

Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution

Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution CVEs: CVE-2015-1560, CVE-2015-1561 Vendor: Merethis - www.centreon.com Product: Centreon Version affected: 2.5.4 and prior Product description: Centreon is the choice of some of the world's largest companies...

7.5CVSS0.3AI score0.09146EPSS
Exploits6
Rows per page
Query Builder