856 matches found
CVE-2023-40838
Tenda AC6 USAC6V1.0BRV15.03.05.16multiTD01.bin function 'sub3A1D0' contains a command execution vulnerability...
CVE-2023-40837
Tenda AC6 USAC6V1.0BRV15.03.05.16multiTD01.bin function 'subADD50' contains a command execution vulnerability. The "formSetIptv" function obtains the "list" and "vlanId" fields and passes them unfiltered as parameters to the "subADD50" function to execute commands...
Command execution vulnerability in Damon Enterprise Manager (DEM) (CNVD-2023-69447)
Damon Enterprise Manager (DEM) is a centralized management platform that monitors, manages and maintains DM databases through a web interface. A command execution vulnerability exists in Damon Enterprise Manager (DEM), which can be exploited by an attacker to gain control of the server...
PT-2023-9232
Name of the Vulnerable Software and Affected Versions: Rejetto HTTP File Server versions 2.3m and earlier Description: The vulnerability is related to the improper neutralization of special elements used in a template engine, allowing a remote, unauthenticated attacker to execute arbitrary commands...
CVE-2023-37754
PowerJob v4.3.3 was discovered to contain a remote command execution (RCE) vulnerability via the instanceId parameter at /instance/detail...
Milesight UR32L urvpn_client cmd_name_action function command execution vulnerability
The Milesight UR32L is a 4G industrial router from China's Milesight. A command execution vulnerability exists in the Milesight UR32L urvpn_client cmd_name_action function, which can be exploited by an attacker to execute arbitrary commands on the system...
Command Execution Vulnerability in YouDianCMS of Changsha YouDian Software Technology Co.
YouDianCMS combines a desktop website, mobile website, WeChat, app and mini program in one system, with shared space and automatic data synchronization; it is an excellent domestic open-source five-sites-in-one solution. Changsha YouDianCMS has a command execution vulnerability that can be exploited by attackers to...
Moderate: Red Hat Security Advisory: emacs security and bug fix update
An update for emacs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: emacs security and bug fix update
GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news. Security Fixes: emacs: ctags local command execution vulnerability (CVE-2022-45939). For more details about the...
GHSA-GH24-C683-79R2 Duplicate Advisory: Arbitrary code execution in jfinal CMS
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-8qhm-ch8h-xgjr. This link is maintained to preserve external references. Original Description: Command execution vulnerability in the ActionEnter class in jfinal CMS version 5.1.0 allows attackers to execute...
CVE-2023-29855
WBCE CMS 1.5.3 has a command execution vulnerability via admin/languages/install.php...
CVE-2023-0265
Uvdesk version 1.1.1 allows an authenticated remote attacker to execute commands on the server. This is possible because the application does not properly validate profile pictures uploaded by customers...
CVE-2022-3210
This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP port 4044 by defaul...
CVE-2023-23149
CVE-2023-23149 affects DEK-1705 devices with firmware 34.23.1 and earlier. Root cause: command execution vulnerability in the DEK-1705 firmware. Impact is high across confidentiality, integrity, and availability (CVSS v3.1: 9.8; Network access, no authentication, no user interaction). Remediation...
NETGEAR Orbi Satellite RBS750 ubus backend communication function command execution vulnerability
The NETGEAR Orbi Satellite RBS750 is a professional-grade tri-band satellite router from NETGEAR. The NETGEAR Orbi Satellite RBS750 suffers from a command execution vulnerability that stems from a failure to properly filter constructed command special characters, commands, etc. in the ubus back-e...
CVE-2022-37337
A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
PT-2023-2000 · NetGear · Netgear Orbi Router Rbr750
Name of the Vulnerable Software and Affected Versions: Netgear Orbi Router RBR750 version 4.6.8.5 Description: A command execution issue exists in the hidden telnet service functionality. This can be exploited by sending a specially-crafted network request, potentially allowing an attacker to...
Netgear Orbi Satellite RBS750 ubus backend communications command execution vulnerability
Talos Vulnerability Report TALOS-2022-1597: Netgear Orbi Satellite RBS750 ubus backend communications command execution vulnerability. March 21, 2023. CVE Number: CVE-2022-36429. Summary: A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite...