48 matches found

Kitploit
added 2022/01/22 11:30 a.m., 118 views

Pwndora - Massive IPv4 Scanner, Find And Analyze Internet-Connected Devices In Minutes, Create Your Own IoT Search Engine At Home

Pwndora is a massive and fast IPv4 address range scanner, integrated with multi-threading. Using sockets, it analyzes which ports are open and collects more information about targets. Each result is stored in Elasticsearch. You can integrate with Kibana to be able to visualize and manipulate dat...

6.9 AI score
Exploits 0, References 5

Prion
added 2021/12/22 7:15 p.m., 14 views

Stack overflow

Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA...

9 CVSS, 7.1 AI score, 0.00381 EPSS
Exploits 1, References 1, Affected Software 1

Talos
added 2021/12/20 12:0 a.m., 45 views

Garrett Metal Detectors iC Module CMA CLI readfile stack-based buffer overflow vulnerabilities

Summary Two stack-based buffer overflow vulnerabilities exist in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. Convincing the system to call readfile on a specially-crafted file can lead to stack-based buffer overflows. An attacke...

8.5 CVSS, 8.2 AI score, 0.00381 EPSS
Exploits 1

CNVD
added 2021/09/09 12:0 a.m., 21 views

Fortinet FortiWeb Buffer Overflow Vulnerability

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...

8.8 CVSS, 9.1 AI score, 0.00748 EPSS
Exploits 0, References 1

CNVD
added 2021/09/09 12:0 a.m., 17 views

Fortinet FortiWeb Buffer Overflow Vulnerability (CNVD-2021-70111)

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...

8.8 CVSS, 8.8 AI score, 0.00583 EPSS
Exploits 0, References 1

Fortinet
added 2021/09/07 12:0 a.m., 29 views

FortiWeb - Multiple stack-based buffer overflow vulnerabilities in CLI command

Multiple stack-based buffer overflow vulnerabilities in FortiWeb CLI interface may allow an authenticated attacker to execute unauthorized code or commands via config backup arguments...

6.5 CVSS, 9.1 AI score, 0.00583 EPSS
Exploits 0, Affected Software 1

IBM Security Bulletins
added 2021/07/30 5:2 a.m., 22 views

Security Bulletin: CVE-2021-29711 Agent Upgrade through CLI requires inconsistent permission.

Summary Security Bulletin: CVE-2021-29711 Agent Upgrade through CLI requires inconsistent permission set with UI. Vulnerability Details CVEID: CVE-2021-29711 DESCRIPTION: IBM UrbanCode Deploy UCD could allow an authenticated user with certain permissions to initiate an agent upgrade through the C...

4.9 CVSS, 0.7 AI score, 0.00083 EPSS
Exploits 0, Affected Software 1

Prion
added 2021/07/22 4:15 p.m., 12 views

Authentication flaw

A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. This vulnerability exists because access to sensitive information on an affected system is not sufficient...

4.9 CVSS, 5.6 AI score, 0.00053 EPSS
Exploits 0, References 1, Affected Software 2

Vulnrichment
added 2021/07/22 3:20 p.m., 6 views

CVE-2021-34700 Cisco SD-WAN vManage Software Information Disclosure Vulnerability

A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. This vulnerability exists because access to sensitive information on an affected system is not sufficient...

5.5 CVSS, 6.6 AI score, 0.00053 EPSS
Exploits 0, References 1

NVD
added 2021/07/08 4:15 p.m., 14 views

CVE-2021-29711

IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 6.2.7.8, 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965...

4.9 CVSS, 0.00083 EPSS
Exploits 0, References 2

Prion
added 2021/07/08 4:15 p.m., 13 views

Code injection

IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 6.2.7.8, 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965...

4 CVSS, 4.4 AI score, 0.00083 EPSS
Exploits 0, References 2

CVE
added 2021/07/08 4:10 p.m., 39 views

CVE-2021-29711

CVE-2021-29711 affects IBM UrbanCode Deploy (UCD) versions including 6.2.7.3/4/8/9, 7.0.3.0/4.0/5.4, 7.1.0.0/1.0/1.1/1.2, and 7.1.1.x. The IBM security bulletin notes that an authenticated user with certain permissions could initiate an agent upgrade through the CLI interface, due to inconsistent...

4.9 CVSS, 4.3 AI score, 0.00083 EPSS
Exploits 0, References 2, Affected Software 1

Cvelist
added 2021/07/08 4:10 p.m., 16 views

CVE-2021-29711

IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 6.2.7.8, 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965...

4.9 CVSS, 4.5 AI score, 0.00083 EPSS
Exploits 0, References 2

Prion
added 2021/02/10 7:15 p.m., 10 views

Design/Logic Flaw

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell or tshell...

10 CVSS, 9.4 AI score, 0.00077 EPSS
Exploits 1, References 1, Affected Software 1

Cvelist
added 2021/02/10 6:35 p.m., 11 views

CVE-2021-27171

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell or tshell...

9.8 AI score, 0.00077 EPSS
Exploits 1, References 1

OSV
added 2020/02/27 1:18 p.m., 5 views

OPENSUSE-SU-2020:0253-1 Security update for yast2-rmt

This update for yast2-rmt fixes the following issues: yast2-rmt was updated to release version 1.2.2: - CVE-2018-20105: Pass SSL password to Cheetah CLI interface securely boo1119835...

5.5 CVSS, 4.9 AI score, 0.00143 EPSS
Exploits 0, References 3

NVD
added 2019/07/10 8:15 p.m., 9 views

CVE-2019-5445

DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allows an Admin user to crash the SSH CLI interface by using crafted commands...

4.9 CVSS, 5.1 AI score, 0.00435 EPSS
Exploits 0, References 1

Cvelist
added 2019/07/10 7:45 p.m., 12 views

CVE-2019-5445

DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allows an Admin user to crash the SSH CLI interface by using crafted commands...

5.1 AI score, 0.00435 EPSS
Exploits 0, References 1

NVD
added 2019/04/10 6:29 p.m., 10 views

CVE-2019-5425

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allows them to escalate privileges to root...

9 CVSS, 9.1 AI score, 0.02184 EPSS
Exploits 0, References 2

Tenable Nessus
added 2018/10/02 12:0 a.m., 33 views

RHEL 7 : ceph-iscsi-cli (RHSA-2018:2837)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:2837 advisory. ceph-iscsi-cli provides a CLI interface similar to the targetcli tool used to interact with the kernel LIO subsystem. Security Fixes: It was found th...

10 CVSS, 8.8 AI score, 0.57068 EPSS
Exploits 1, References 6