PT-2023-28010 · Brocade · Brocade Fabric Os
Name of the Vulnerable Software and Affected Versions: Brocade Fabric OS versions prior to 9.2.0a
Description: A local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command.
Recommendations:...
CVE-2023-20117
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilitie...
PT-2023-3314 · Cisco · Cisco Small Business Rv320 +1
Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers (affected versions not specified)
Description: The web-based management interface of the affected devices has insufficient validation of user-supplied input, which could allow an...
SUSE CVE-2020-15862
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root...
PT-2023-16425 · Dst-Admin · Dst-Admin
Name of the Vulnerable Software and Affected Versions: dst-admin version 1.5.0
Description: A critical issue was found in dst-admin, affecting an unknown part of the file /home/masterConsole. The manipulation of the command argument leads to command injection. It is possible to initiate the attac...
PT-2022-5072 · Brocade · Brocade Fabric Os
Name of the Vulnerable Software and Affected Versions:
Brocade Fabric OS versions prior to 9.1.0
Brocade Fabric OS versions prior to 9.0.1e
Brocade Fabric OS versions prior to 8.2.3c
Brocade Fabric OS versions prior to 8.2.0cbn5
Description: A privilege escalation issue in Brocade Fabric OS CLI...
PT-2022-5070 · Brocade · Brocade Fabric Os
Name of the Vulnerable Software and Affected Versions:
Brocade Fabric OS versions prior to 9.1.0
Brocade Fabric OS versions prior to 9.0.1e
Brocade Fabric OS versions prior to 8.2.3c
Brocade Fabric OS versions prior to 8.2.0cbn5
Brocade Fabric OS versions prior to 7.4.2.j
Description: The issue i...
CVE-2022-36265
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the devi...
CVE-2022-20897
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2021-34755
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory...
ZTE PON MDU Encryption Issue Vulnerability
ZTE PON MDU is a product from ZTE (China), mainly used for connections between network backbone switches and for connecting aggregation-layer switches to the core backbone switch. An encryption issue vulnerability exists in ZTE PON MDUs. The vulnerability originates...
CVE-2021-1485
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges on the underlying Linux operating system (OS) of an affected device. This vulnerability is due to insufficient input validation of...
CVE-2020-25618
An issue was discovered in SolarWinds N-Central 12.3.0.670. The sudo configuration has incorrect access control because the nable web user account is effectively able to run arbitrary OS commands as root, i.e., the use of root privileges is not limited to specific programs listed in the sudoers fi...
Multiple D-Link Router Products Input Validation Error Vulnerability
The D-Link DSR-250, among others, is a Unified Services router from China-based AUO D-Link. An input validation error vulnerability exists in D-Link DSR VPN routers with firmware 3.14 and 3.17, which stems from a lack of input validation and access control, and could lead to arbitrary input being...
Cellebrite UFED Input Validation Error Vulnerability
Cellebrite UFED is a universal forensic product from Cellebrite Israel. The product is mainly used for data extraction, transmission and analysis of devices. An input validation error vulnerability exists in Cellebrite UFED versions 5.0 through 7.5.0.845, which can be exploited by an attacker to...
DEWESoft X3 SP1 (x64) - Remote Command Execution
Credits: John Page aka hyp3rlinx
Website: hyp3rlinx.altervista.org
Source: http://hyp3rlinx.altervista.org/advisories/DEWESOFT-X3-REMOTE-INTERNAL-COMMAND-ACCESS.txt
ISR: Apparition Security
Vendor: www.dewesoft.com
Product: DEWESoft X3 SP1 64-bit installer - X3...
CVE-2018-0015
A malicious user with unrestricted access to the AppFormix application management platform may be able to access a Python debug console and execute system commands with root privilege. The AppFormix Agent exposes the debug console on a host where AppFormix Agent is executing. If the host is...
Command injection
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp...
CVE-2015-7473
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp...
PHP File Manager Authentication Bypass Vulnerability
PHP File Manager is a suite of applications for managing web sites using PHP scripts. An authentication bypass vulnerability exists in PHP File Manager version 0.9.8 due to incorrectly registered global variables. An attacker is able to override the block key group, establish a valid session, and...