10 matches found
CVE-2026-7551
HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...
CVE-2026-7551
HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...
EUVD-2026-26451
HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...
CVE-2026-7551
HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...
CVE-2026-7551
The CVE describes a remote code execution vulnerability in HKUDS OpenHarness exposed via the /bridge command. An attacker-enabled /bridge spawn command can forward attacker-controlled text to the bridge session manager and execute commands through the shared shell subprocess helper, allowing shel...
CVE-2026-7551 HKUDS OpenHarness Remote Command Execution via /bridge Slash Command
HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...
CVE-2026-7551 HKUDS OpenHarness Remote Command Execution via /bridge Slash Command
HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded...
OpenHarness 操作系统命令注入漏洞
OpenHarness is a lightweight development and runtime framework for Data Intelligence Lab@HKU, open-source in nature. OpenHarness has a vulnerability related to operating system command injection. This vulnerability stems from the /bridge slash command, which poses a risk of remote code execution,...
PT-2026-36203
Name of the Vulnerable Software and Affected Versions HKUDS OpenHarness affected versions not specified Description A remote code execution issue exists in the '/bridge' slash command. Remote senders accepted by the configuration can execute arbitrary operating system commands. This occurs when t...
CVE-2017-16958
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the tbindif field of an admin/bridge command to cgi-bin/luci, related to the getdevicebyif function in /usr/lib/lua/luci/controller/admin/bridge.lua in uhttpd...