Internet Bug Bounty: `std::process::Command` batch files argument escaping could be bypassed with trailing whitespace or periods

The Rust Security Response WG disclosed a vulnerability in the std::process::Command module on Windows, where it incorrectly escaped arguments when invoking batch files. This allowed for bypassing the fix by including trailing whitespace or periods in the batch file name, which are ignored and...

oFono 安全漏洞

oFono is an open source telephony communication framework open-sourced by UBports. A security vulnerability exists in oFono that stems from an uninitialized variable vulnerability found in the AT CMGL Command module...

PYSEC-2021-53

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...

Siemens Simatic S7-300/400 - CPU START/STOP Module (Metasploit)

Exploit Title: Siemens Simatic S7 300/400 CPU command module Date: 7-13-2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-300 PLC CVE : None require 'msf/core' class Metasploit3 'Siemens Simatic S7-300/400 CPU START/STOP Module',...

Siemens Simatic S7-1200 - CPU STARTSTOP Module (Metasploit)

Siemens Simatic S7-1200 - CPU STARTSTOP Module Metasploit Exploit Title: Siemens Simatic S7 1200 CPU command module Date: 7-13-2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-1200 PLC CVE : None require 'msf/core' class Metasploit3...