Fortinet FortiAnalyzer Security Vulnerability
Fortinet FortiAnalyzer is a set of centralized network security reporting solutions from the U.S. company Fortinet. The product is mainly used to collect network log data, and through the reporting suite of security events in the log, network traffic, Web content, etc. to analyze, report,...
Imperative Command Injection Vulnerability
Imperative is an open source command processing system from Zowe. Imperative has a security vulnerability that stems from the presence of a command execution vulnerability...
Command Execution Vulnerability in Tianqing Hanma USG Firewall of Beijing Qixing Information Security Technology Co.
Tianqing Hanma USG Firewall is a new firewall series product launched by Qixing. There is a command execution vulnerability in Tianqing Hanma USG Firewall, which can be exploited by attackers to obtain server control privileges...
CVE-2022-45104
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to the execution of arbitrary commands on the underlying system...
CVE-2022-40989
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-40720
This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd service, which listens on...
Command Execution Vulnerability in TOTOLINK T8
The TOTOLINK T8 is a wireless dual-band router. A command execution vulnerability exists in TOTOLINK T8, which can be exploited by an attacker to gain control of the server...
MGASA-2023-0003 Updated ctags packages fix security vulnerability
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...
CVE-2022-45875 Apache DolphinScheduler: Remote command execution Vulnerability in script alert plugin
Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions. This attack can be performed only by authenticated users...
Command Execution Vulnerability in Vehicle Monitoring Platform of Zhejiang Dahua Technology Co.
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. A command execution vulnerability exists in the in-vehicle monitoring platform of Zhejiang Dahua Technology Co. Ltd, which can be exploited by an attacker to...
CVE-2022-46875
The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...
Command Execution Vulnerability in Mingguo Security Gateway of Hangzhou ACE Information Technology Co. Ltd (CNVD-2023-03898)
MingGuard Security Gateway builds a next-generation security protection system with full-process defense and integrates traditional firewall, intrusion detection, intrusion prevention system, anti-virus gateway, Internet behavior control, VPN gateway, threat intelligence, and other security modul...
D-Link DIR-823G Command Execution Vulnerability
D-Link DIR-823G is a wireless router from D-Link, a Chinese company. D-Link DIR-823G firmware version 1.02B05 contains a command execution vulnerability that stems from sub42383C's failure to properly filter constructed command special characters, commands, etc. The vulnerability can be exploited...
CVE-2022-45461
The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users that have been explicitly added to the auth.conf file to execute arbitrary commands as root...
CVE-2022-43030
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the background. SIYUCMS is a content management system based on ThinkPHP5 AdminLTE. SIYUCMS has a background command execution vulnerability, which can be used by attackers to gain server privileges...
NETGEAR R6220 Command Execution Vulnerability
The NETGEAR R6220 is a wireless router from NETGEAR. The NETGEAR R6220 suffers from a command execution vulnerability that is due to improper access control. An attacker could exploit the vulnerability to execute arbitrary commands on the system...
Fortinet FortiOS Command Execution Vulnerability
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from Fortinet, a US-based company. The system provides users with a variety of security features such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiOS ha...
CVE-2022-32585
A command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...
Robustel R1510 Security Vulnerability
Robustel R1510 is an industrial VPN router from Robustel China. The Robustel R1510 is vulnerable to a command execution vulnerability that could be exploited by an attacker to send specially crafted network requests leading to arbitrary command execution...
Command execution vulnerability in JGraph drawio-desktop
drawio-desktop is an Electron-based diagramming and whiteboarding desktop application. A command execution vulnerability exists in JGraph drawio-desktop that can be exploited by an attacker to cause code execution...