Mitrastar GPT-2541GNAC-N1 操作系统命令注入漏洞

The Mitrastar GPT-2541GNAC-N1 is a router. An operating system command injection vulnerability exists in the firmware version of the Mitrastar GPT-2541GNAC-N1 HGU 100VNZ0b33, which is caused by incorrectly clearing the parameter "path". The vulnerability can be exploited by a remote authenticatio...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Docker $ sudo docker build -t . $ sudo...

CVE-2022-24725 Exposure of home directory through shescape on Unix with Bash

Shescape is a shell escape package for JavaScript. An issue in versions 1.4.0 to 1.5.1 allows for exposure of the home directory on Unix systems when using Bash with the escape or escapeAll functions from the shescape API with the interpolation option set to true. Other tested shells, Dash and Zs...

Command Execution Vulnerability in Opmantek Open-AudIT

Opmantek Open-AudIT is a network auditing program based on PHP, bash shell and VB language. Opmantek Open-AudIT suffers from a command execution vulnerability that can be exploited by a remote attacker to submit a special request and execute a command...

Exploit for Code Injection in Gitlab

CVE-2021-22205 GitLab CE/EE Preauth RCE using ExifTool This...

CVE-2021-28497

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in...

CVE-2021-28497

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in...

Design/Logic Flaw

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in...

CVE-2021-28497

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in...

CVE-2021-28497

Arista MOS on 7130 (Arista 7130 MOS) is affected by CVE-2021-28497. Under certain conditions, the bash shell may be accessible to unprivileged users. Affected software trains and versions include MOS-0.1x (all releases), MOS-0.26.6 and below in MOS-0.2x, and MOS-0.31.1 and below in MOS-0.3x. Reme...

Arista Networks MOS 安全漏洞

Arista Networks MOS is a fully programmable and highly modular Linux-based network operating system from Arista Networks, Inc. that uses the familiar industry-standard CLI and runs a single binary software image within the Arista switching family. A security vulnerability exists in the Arista...

Command injection

Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. Thi...

Bugs Lurking in Cisco UC Provisioning Platform

The Akkadian Provisioning Manager, which is used as a third-party provisioning tool within Cisco Unified Communications environments, has three high-severity security vulnerabilities that can be chained together to enable remote code execution RCE with elevated privileges, researchers said. They...

rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution

!/usr/bin/env python Title: rxvt remote code execution over scp with $SHELL=/bin/bash 0day Version: rxvt 2.7.10, rxvt-unicode 9.22 Author: def Date: 2021-05-16 CVE: N/A ------------------------------------------------------------------------------ URXVT VULNERABILITY In rxvt-based terminals, ANSI...

Kali Linux 2020.4 - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2020.4. This release has various impressive updates: ZSH is the new default shell – We said it was happening last time, Now it has. ZSH. Is. Now. Default. Bash shell makeover – It may not function like ZSH, but now Bash looks like ZSH. Partnership...

CVE-2020-11963

IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configurati...

Remote code execution

IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configurati...

CVE-2020-11963

CVE-2020-11963 affects IQrouter up to firmware 3.3.1. When the device is unconfigured, the web-panel is vulnerable to Bash Shell Metacharacter Injection leading to remote code execution and potential root privileges. Documented impact includes multiple RCE vectors in the web-panel; exploitation r...

CVE-2020-11963

IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configurati...

CVE-2020-11963

IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configurati...