1775 matches found

Prion
added 2022/11/25 7:15 p.m., 17 views

Code injection

Nextcloud also ships a CLI utility called nextcloudcmd which is sometimes used for automated scripting and headless servers. Versions of nextcloudcmd prior to 3.6.1 would incorrectly trust invalid TLS certificates, which may enable a Man-in-the-middle attack that exposes sensitive data or...

CVSS 1, AI score 4.7, EPSS 0.00194
Exploits 1, References 4, Affected Software 1

OSV
added 2022/11/25 7:15 p.m., 1 view

UBUNTU-CVE-2022-39334

Nextcloud also ships a CLI utility called nextcloudcmd which is sometimes used for automated scripting and headless servers. Versions of nextcloudcmd prior to 3.6.1 would incorrectly trust invalid TLS certificates, which may enable a Man-in-the-middle attack that exposes sensitive data or...

CVSS 4.7, AI score 5.8, EPSS 0.00194
Exploits 1, References 6

Vulnrichment
added 2022/11/25 12:0 a.m., 1 view

CVE-2022-39334 nextcloudcmd incorrectly trusts bad TLS certificates

Nextcloud also ships a CLI utility called nextcloudcmd which is sometimes used for automated scripting and headless servers. Versions of nextcloudcmd prior to 3.6.1 would incorrectly trust invalid TLS certificates, which may enable a Man-in-the-middle attack that exposes sensitive data or...

CVSS 3.9, AI score 4.4, EPSS 0.00194
Exploits 1, References 4

NVD
added 2022/11/23 9:15 p.m., 34 views

CVE-2022-45868

The web-based admin console in H2 Database Engine before 2.2.220 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user or an attacker that has obtained local access through...

CVSS 8.4, EPSS 0.00301
Exploits 1, References 6

OSV
added 2022/11/15 9:15 p.m., 1 view

CVE-2022-20934

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper input validation for specific CLI commands...

CVSS 6.7, AI score 6, EPSS 0.00279
Exploits 0, References 1

Kitploit
added 2022/11/14 11:30 a.m., 69 views

Unblob - Extract Files From Any Kind Of Container Formats

unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their content recursively, and carves out unknown chunks that have not been accounted for. Unblob is free to use,...

AI score 7.4
Exploits 0, References 2

BDU FSTEC
added 2022/11/07 12:0 a.m., 3 views

The vulnerability of the command-line interface (CLI) of microprogramming software for Cisco TelePresence Collaboration Endpoint conference call control devices and Cisco RoomOS operating systems allows a hacker to overwrite arbitrary files.

The vulnerability of the command-line interface (CLI) of microprogramming software for Cisco TelePresence Collaboration Endpoint conference call controllers and Cisco RoomOS operating systems is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to re-recor...

CVSS 4.6, AI score 7.2, EPSS 0.00413
Exploits 0, References 3, Affected Software 1

Vulnrichment
added 2022/11/03 7:36 p.m., 4 views

CVE-2022-37911

Due to improper restrictions on XML entities, multiple vulnerabilities exist in the command line interface of ArubaOS. A successful exploit could allow an authenticated attacker to retrieve files from the local system or cause the application to consume system resources, resulting in a denial of...

CVSS 3.8, AI score 5.7, EPSS 0.0055
Exploits 0, References 1

CVE
added 2022/11/03 7:36 p.m., 82 views

CVE-2022-37911

CVE-2022-37911 involves ArubaOS where the command line interface is affected by an XML External Entity (XXE)–related flaw due to improper restrictions on XML entities. The issue can allow an authenticated attacker to read local files or exhaust resources, leading to a denial of service. Affected ...

CVSS 5.5, AI score 5.7, EPSS 0.0055
Exploits 0, References 1, Affected Software 2

CVE
added 2022/11/03 7:5 p.m., 74 views

CVE-2022-37902

Summary: CVE-2022-37902 is an authenticated command-injection vulnerability in ArubaOS CLI. The vulnerability enables execution of arbitrary commands with elevated privileges on the underlying OS, exploitable by an authenticated attacker over the network. Documents consistently name ArubaOS and i...

CVSS 7.2, AI score 7.5, EPSS 0.01693
Exploits 0, References 1, Affected Software 2

Positive Technologies
added 2022/11/03 12:0 a.m., 7 views

PT-2022-24136 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS (affected versions not specified)
Description: The issue concerns authenticated command injection vulnerabilities in the ArubaOS command line interface. Successful exploitation allows attackers to execute arbitrary commands as a...

CVSS 7.2, AI score 7.5, EPSS 0.01693
Exploits 0, References 4

Positive Technologies
added 2022/11/03 12:0 a.m., 4 views

PT-2022-24134 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS (affected versions not specified)
Description: The issue concerns authenticated command injection vulnerabilities in the ArubaOS command line interface. Successful exploitation allows attackers to execute arbitrary commands as a...

CVSS 7.2, AI score 7.5, EPSS 0.01693
Exploits 0, References 6

Positive Technologies
added 2022/11/03 12:0 a.m., 3 views

PT-2022-24145 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS (affected versions not specified)
Description: A buffer overflow issue exists in the command line interface, which can be exploited to cause a denial of service on the affected system.
Recommendations: At the moment, there is no...

CVSS 6.5, AI score 6.6, EPSS 0.00569
Exploits 0, References 4

Positive Technologies
added 2022/11/03 12:0 a.m., 2 views

PT-2022-24140 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS (affected versions not specified)
Description: The issue is related to an authenticated path traversal vulnerability in the command line interface. This vulnerability can be exploited to delete arbitrary files on the underlying operatin...

CVSS 8.1, AI score 7.8, EPSS 0.00778
Exploits 0, References 3

ATTACKERKB
added 2022/11/02 12:15 p.m., 1 view

CVE-2022-38372

A hidden functionality vulnerability (CWE-1242) in FortiTester CLI 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow a local, privileged user to obtain a root shell on the device via an undocumented command...

CVSS 6.7, AI score 6.7, EPSS 0.00179
Exploits 0, References 2

BDU FSTEC
added 2022/10/31 12:0 a.m., 4 views

The vulnerability of the command-line interface (CLI) of FortiOS operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the command-line interface (CLI) of FortiOS operating systems is related to the use of rigidly encrypted credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVSS 7.8, AI score 6.6, EPSS 0.05352
Exploits 1, References 5, Affected Software 1

Citrix
added 2022/10/26 12:0 a.m., 7 views

Error: "File too large" when upload customized login schema xml file to ADC

1. When add login schema via ADC CLI, below error will prompt:
2. When add login schema via, below GUI error will show:...

AI score 7.1
Exploits 0

CNNVD
added 2022/10/26 12:0 a.m., 3 views

Aruba Networks ArubaOS Path Traversal Vulnerability

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that originates from authenticated path traversal in the command line...

CVSS 8.1, AI score 7.8, EPSS 0.00778
Exploits 0, References 3

CNNVD
added 2022/10/26 12:0 a.m., 3 views

Aruba Networks ArubaOS Security Vulnerability

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that originates from an authenticated buffer overflow in the command...

CVSS 6.5, AI score 6.8, EPSS 0.00569
Exploits 0, References 4

BDU FSTEC
added 2022/10/18 12:0 a.m., 3 views

The vulnerability of the command-line interface of the Brocade Fabric OS allows an intruder to gain unauthorized access to protected information.

The vulnerability of the command-line interface of the Brocade Fabric OS is related to the disclosure of information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVSS 6.5, AI score 6.5, EPSS 0.00215
Exploits 0, References 4, Affected Software 1