Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers Shell Bypass Vulnerability

A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. The vulnerability is due to incorrect permission...

Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance CLI Command Injection Vulnerability

A vulnerability in the CLI of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to...

CVE-2017-7307

Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file...

CVE-2017-7307

Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file...

DblTekGoIPPwn - Tool to check if an IP of a DblTek GoIP is vulnerable to a challenge-response login system, execute remote commands botnet style, and generate responses to challenges

Tool to exploit challenge response system in vulnerable DblTek GoIP devices. Can generate responses to specified challenges, test hosts for the vulnerability, run commands on vulnerable hosts, and drop into a root shell on any vulnerable host. The Vulnerability On March 2nd, 2017, Trustwave...

Unauthorized Domain Creation

admin-cli is vulnerable to unauthorised domain creation. The vulnerability is possible since it does not verify the validity of admin's credentials before creation of domain...

wuzz - Interactive CLI Tool for HTTP Inspection

Interactive cli tool for HTTP inspection Wuzz command line arguments are similar to cURL's arguments, so it can be used to inspect/modify requests copied from the browser's network inspector with the "copy as cURL" feature. Installation and usage $ go get github.com/asciimoo/wuzz $...

Assigning a GPU to a Windows VM using xe CLI

To assign a GPU to a Windows VM using xe CLI...

CVE-2017-3819

A privilege escalation vulnerability in the Secure Shell SSH subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. The...

CVE-2016-10171

The unreorderchannels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WV file...

CVE-2016-10170

CVE-2016-10170 affects WavPack; the WriteCaffHeader function in cli/caff.c is vulnerable to an out-of-bounds read in crafted WV files, enabling a denial of service. Public records in connected advisories indicate fixes were delivered via openSUSE/SUSE security updates (wavpack updates addressing ...

How to Enable HA Using XenServer CLI

This article describes how to enable HA using XenServer CLI. HA can be enabled on a pool using either XenCenter or the command-line interface. In either case, you will specify a set of priorities that determine which VMs should be given highest restart priority when a pool is over committed...

BruteXSS - Tool to find XSS vulnerabilities in web application

BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI for more convienience. This tool is developed in Python, so obviously cross platform, you just need Python...

Kernel Vulnerability

A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW ref PAN-68074 / CVE-2016-5195. PAN-OS may be impacted by the Dirty COW CVE-2016-5195 attack. A race condition was found in the way the Linux kernel's memory...

MongoDB Security Audit: mongoaudit

MongoDB Security Audit mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB’s default configuration settings. This fact, combined with abundant lazy syst...

[SECURITY] Fedora 25 Update: wireshark-2.2.4-1.fc25

Metapackage with installs wireshark-cli and wireshark-qt...

Design/Logic Flaw

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known...

CVE-2017-3806

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known...

CVE-2017-3806

CVE-2017-3806 affects Cisco Firepower 4100 Series NGFW and Cisco Firepower 9300 Security Appliance. Description: an authenticated, local attacker can exploit vulnerable CLI command processing due to insufficient input validation to inject arbitrary shell commands executed by the device. Impact: l...

CVE-2017-3806

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known...