9791 matches found
SonicWall SMA100 Directory Traversal Vulnerability (SNWLID-2019-0018)
The version of SonicWall SMA100 installed on the remote host is prior to 9.0.0.4. It is, therefore, affected by a directory traversal vulnerability. In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a fi...
cgi.dit.nl Cross Site Scripting vulnerability OBB-3406764
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
[SECURITY] [DLA 3450-1] ruby2.5 security update
Debian LTS Advisory DLA-3450-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta June 09, 2023 https://wiki.debian.org/LTS ...
(Pwn2Own) Western Digital MyCloud PR4100 account_mgr Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Western Digital MyCloud PR4100 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the account_mgr CGI script. The issue results from t...
CVE-2023-27989
A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00ABUV.8C0 could allow a remote authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request to a vulnerable device...
PT-2023-3759 · Zyxel · Zyxel Nr7101
Name of the Vulnerable Software and Affected Versions: Zyxel NR7101 versions prior to V1.00ABUV.8C0. Description: The issue is related to a buffer overflow in the CGI interface of the Zyxel NR7101 firmware. This could allow a remote attacker to cause denial-of-service (DoS) conditions by sending a...
PT-2023-5734 · D Link · D-Link Dir-X3260
Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 (affected versions not specified). Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...
CVE-2023-28703
ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A remote attacker with administrator privileges can exploit this vulnerability to execute arbitrary system commands, disrupt system or terminate...
PT-2023-3465 · Asus · Asus Rt-Ac86U
Name of the Vulnerable Software and Affected Versions: ASUS RT-AC86U (affected versions not specified). Description: The issue is related to a stack-based buffer overflow vulnerability in the cgi function of the ASUS RT-AC86U router's firmware, caused by insufficient validation of network packet...
Moderate: Red Hat Security Advisory: rh-ruby27-ruby security, bug fix, and enhancement update
An update for rh-ruby27-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...
The vulnerability of the CGI component of the Synology Router Manager operating system, allowing a hacker to execute arbitrary code
The vulnerability of the CGI component of the Synology Router Manager operating system, which is used to manage network devices, relates to the possibility of executing commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2023-31729
TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection via /cgi-bin/cstecgi.cgi...
CVE-2023-32956
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors...
Command injection
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors...