9793 matches found
ZeroShell kerbynet remote command execution
Added: 05/24/2021 Background Zeroshell is a Linux distribution designed for router and firewall appliances which can be administered from a web interface. Zeroshell is no longer supported. Problem A command injection vulnerability allows unauthenticated attackers to execute arbitrary commands by...
ZeroShell kerbynet remote command execution
Added: 05/24/2021 Background Zeroshell is a Linux distribution designed for router and firewall appliances which can be administered from a web interface. Zeroshell is no longer supported. Problem A command injection vulnerability allows unauthenticated attackers to execute arbitrary commands by...
CVE-2021-33514
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTPUSERAGENT;' with an OS command in the User-Agent field. This affects GC108P before...
CVE-2021-33514
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTPUSERAGENT;' with an OS command in the User-Agent field. This affects GC108P before...
Command injection
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTPUSERAGENT;' with an OS command in the User-Agent field. This affects GC108P before...
CVE-2021-33514
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTPUSERAGENT;' with an OS command in the User-Agent field. This affects GC108P before...
CVE-2021-33514
CVE-2021-33514 affects multiple NETGEAR devices (e.g., GC108P/GC108PP/GS108Tv3/GS110TPPv1/GS110TPv3/GS110TUPv1/GS710TUPv1/GS716TP/GS716TPP/GS724TPP/v1/v2/GS728TPPv2/GS752TPPv1/v2/MS510TXM/MS510TXUP) with a pre-authentication command injection in the CGI setup path. The root cause is improper hand...
Ruby: CGI::Cookieクラスにおけるセキュリティ上好ましくない仕様および実装
以下のCGIスクリプトについて、name、path、domainに改行、等号、改行のインジェクションが可能 !/usr/bin/env ruby require "cgi" cgi = CGI.new name = "name" path = "/" domain = "example.jp" cookie = CGI::Cookie.new'name' = name, 'value' = "value", 'domain' = domain, 'path' = path cgi.out"cookie" = cookie...
Ruby: RubyのCGIライブラリにHTTPレスポンス分割(HTTPヘッダインジェクション)があり、秘密情報が漏洩する
PoC1: !/usr/bin/env ruby require 'cgi' cgi = CGI.new url = "http://example.jp\r\nSet-Cookie: foo=bar;" External Parameter print cgi.header'status' = '302 Found', 'Location' = url Actual Result1: $ curl -s -i http://localhost:8080/cgi-bin/cgi.ru HTTP/1.1 302 Found Date: Fri, 21 May 2021 00:46:33 G...
Netgear NETGEAR 操作系统命令注入漏洞
Netgear NETGEAR is a router from the American company Netgear. A hardware device that connects two or more networks and acts as a gateway between networks. A security vulnerability exists in NETGEAR devices that stems from NETGEAR devices can be exploited by unauthenticated attackers to inject...
IPFire 2.25 Remote Code Execution
Exploit Title: IPFire 2.25 - Remote Code Execution Authenticated Date: 15/05/2021 Exploit Author: Mücahit Saratar Vendor Homepage: https://www.ipfire.org/ Software Link: https://downloads.ipfire.org/releases/ipfire-2.x/2.25-core156/ipfire-2.25.x8664-full-core156.iso Version: 2.25 - core update 15...
Fedora: Security Advisory for php (FEDORA-2021-6f34b7c382)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ZeroShell 3.9.0 - Remote Command Execution
Exploit Title: ZeroShell 3.9.0 - Remote Command Execution Date: 10/05/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://zeroshell.org/ Software Link: https://zeroshell.org/download/ Version: 3.9.0 Tested on: ZeroShell 3.9.0 CVE : CVE-2019-12725 !/usr/bin/python3 import requests impor...
[SECURITY] Fedora 34 Update: php-7.4.19-1.fc34
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
CVE-2021-28150
Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf with the administrator password and other sensitive data via /backup2.cgi...
CVE-2021-28150
Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf with the administrator password and other sensitive data via /backup2.cgi...
Default credentials
Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf with the administrator password and other sensitive data via /backup2.cgi...
CVE-2021-28150
Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf with the administrator password and other sensitive data via /backup2.cgi...
CVE-2021-32062
MapServer before 7.0.8, 7.1.x and 7.2.x before 7.2.3, 7.3.x and 7.4.x before 7.4.5, and 7.5.x and 7.6.x before 7.6.3 does not properly enforce the MSMAPNOPATH and MSMAPPATTERN restrictions that are intended to control the locations from which a mapfile may be loaded with MapServer CGI...
Design/Logic Flaw
MapServer before 7.0.8, 7.1.x and 7.2.x before 7.2.3, 7.3.x and 7.4.x before 7.4.5, and 7.5.x and 7.6.x before 7.6.3 does not properly enforce the MSMAPNOPATH and MSMAPPATTERN restrictions that are intended to control the locations from which a mapfile may be loaded with MapServer CGI...