
361 matches found

Cisco
added 2017/04/05 4:0 p.m. | 19 views

Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers Shell Bypass Vulnerability

A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. The vulnerability is due to incorrect permission...

CVSS 6.7 | AI score 6.5 | EPSS 0.00061
Exploits: 0 | References: 1
Prion
added 2017/02/03 7:59 a.m. | 15 views

Design/Logic Flaw

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known...

CVSS 4.6 | AI score 5.5 | EPSS 0.00097
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2017/02/03 7:24 a.m. | 18 views

CVE-2017-3806

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known...

AI score 5.5 | EPSS 0.00097
Exploits: 0 | References: 2
Citrix
added 2017/01/11 12:0 a.m. | 14 views

How to reboot or shutdown NetScaler MAS using CLI

Citrix ADM, formerly NetScaler MAS. There is an option in the MAS GUI to reboot it, but what is the equivalent CLI command? Do not use the REBOOT command, as it is not a clean reboot and will need a database recovery...

AI score 7.2
Exploits: 0
CVE
added 2016/08/08 12:0 a.m. | 80 views

CVE-2015-6396

CVE-2015-6396 affects Cisco RV110W, RV130W, and RV215W routers. The issue stems from the CLI command parser, where insufficient input validation allows an authenticated, local attacker to inject and execute arbitrary shell commands with administrator privileges. This vulnerability could enable fu...

CVSS 7.8 | AI score 7.9 | EPSS 0.02368
Exploits: 3 | References: 4 | Affected Software: 1
NVD
added 2016/06/08 2:59 p.m. | 9 views

CVE-2016-1418

Cisco Aironet Access Point Software 8.2100.0 on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037...

CVSS 7.8 | AI score 7.6 | EPSS 0.00077
Exploits: 0 | References: 2
Prion
added 2016/06/08 2:59 p.m. | 15 views

Code injection

Cisco Aironet Access Point Software 8.2100.0 on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037...

CVSS 7.2 | AI score 6.9 | EPSS 0.00077
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2016/06/08 2:0 p.m. | 17 views

CVE-2016-1418

Cisco Aironet Access Point Software 8.2100.0 on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037...

AI score 7.6 | EPSS 0.00077
Exploits: 0 | References: 2
NVD
added 2016/04/07 11:59 p.m. | 16 views

CVE-2016-0789

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVSS 6.1 | AI score 7.8 | EPSS 0.00148
Exploits: 0 | References: 3
Prion
added 2016/04/07 11:59 p.m. | 23 views

CRLF injection

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVSS 4.3 | AI score 7.3 | EPSS 0.00148
Exploits: 0 | References: 3 | Affected Software: 2
UbuntuCve
added 2015/11/25 8:59 p.m. | 27 views

CVE-2015-5321

The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...

CVSS 5 | AI score 7.2 | EPSS 0.00121
Exploits: 0 | References: 2
UbuntuCve
added 2015/11/25 8:59 p.m. | 22 views

CVE-2015-5319

XML external entity (XXE) vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job...

CVSS 5 | AI score 7.2 | EPSS 0.00183
Exploits: 0 | References: 2
Prion
added 2015/11/25 8:59 p.m. | 14 views

Information disclosure

The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...

CVSS 5 | AI score 6.5 | EPSS 0.00121
Exploits: 0 | References: 3 | Affected Software: 2
CVE
added 2015/11/25 8:0 p.m. | 77 views

CVE-2015-5321

CVE-2015-5321 affects Jenkins, enabling information disclosure via the sidepanel widgets in the CLI command overview and help pages. The root cause is an information leakage vulnerability exposed by direct requests to those pages, allowing remote attackers to obtain sensitive data. Affected versi...

CVSS 5 | AI score 8.1 | EPSS 0.00121
Exploits: 0 | References: 3 | Affected Software: 1
Exploit DB
added 2015/07/08 12:0 a.m. | 37 views

Grandstream GXV3275 < 1.0.3.30 - Multiple Vulnerabilities

The Grandstream GXV3275 is an Android-based VoIP phone. Several vulnerabilities were found affecting this device. The device ships with a default root SSH key, which could be used as a backdoor: /system/root/.ssh cat authorizedkeys Public key portion is: ssh-rsa...

AI score 7.4
Exploits: 0
Packet Storm
added 2014/03/26 12:0 a.m. | 35 views

Allied Telesis AT-RG634A Unauthenticated Webshell

Title: Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Vulnerability Information: - CVE: CVE-2014-1982 - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing Authentication for Critical Function Affected products: - Allied Teles...

CVSS 10 | AI score 0.4 | EPSS 0.10475
Exploits: 7
CVE
added 2013/12/07 2:0 a.m. | 38 views

CVE-2013-5455

Summary: IBM SmartCloud Provisioning 2.1 before FP3 IF0001 is vulnerable to an unaffordable remote-authenticated command that can delete or modify virtual-system deployments via the deployer.virtualsystems CLI (example: delete). The issue affects the CLI (not GUI) and can be triggered by commands...

CVSS 4.9 | AI score 6.2 | EPSS 0.00327
Exploits: 0 | References: 2 | Affected Software: 1
exploitpack
added 2012/02/22 12:0 a.m. | 14 views

D-Link DSL-2640B ADSL Router - Authentication Bypass

D-Link DSL-2640B ADSL Router - Authentication Bypass. Exploit Title: D-Link DSL-2640B ADSL Router Authentication Bypass. Date: 22-02-2012. Author: Ivano...

AI score 0.8
Exploits: 0
securityvulns
added 2011/10/02 12:0 a.m. | 36 views

Cisco Security Advisory: Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities

Cisco Security Advisory: Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities. Advisory ID: cisco-sa-20110928-zbfw. Revision 1.0. For Public Release 2011 September 28 1600 UTC GMT...

CVSS 7.8 | AI score 0.1 | EPSS 0.00427
Exploits: 0
seebug.org
added 2010/04/09 12:0 a.m. | 21 views

McAfee Email Gateway 6.7.2 Hotfix 2 update fixes multiple security vulnerabilities

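BUGTRAQ ID: 39242. McAfee Email Gateway, formerly known as IronMail, is an enterprise-class hardware email gateway and management platform. Multiple vulnerabilities in McAfee Email Gateway versions before 6.7.2 Hotfix 2 allow local users to cause a denial of service, read sensitive information, or gain elevated privileges, or allow remote attackers to conduct cross-site scripting attacks. 1. An error in the handling of CLI commands can exhaust available system resources. 2. Because the queueMsgType and QtnType parameters submitted to the admin/queuedMessage.do page are not properly filtered, remote attackers can conduct cross-site scripting attacks by submitting malicious requests. 3...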

AI score 6.9
Exploits: 0