1775 matches found
PT-2024-7160 · Jenkins +1 · Jenkins +1
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.478 and earlier, LTS 2.462.2 and earlier. Description: The issue is related to insufficient access control in Jenkins, allowing attackers to bypass item creation restrictions. If an attempt is made to create an item of a...
CVE-2024-8448
Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell...
CVE-2024-8448
PLANET Technology switch models are affected by CVE-2024-8448 due to a hard-coded credential in the CLI, enabling remote attackers with regular privileges to log in and obtain a Linux root shell. The vulnerability affects certain PLANET switches (specific models not publicly detailed in the source...
Nessus Cross-Site Scripting Vulnerability
Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security. Nessus suffers from a cross-site scripting vulnerability that stems from Nessus Network Monitor being susceptible to a stored cross-site scripting attack, where an authenticated,...
PLANET switch devices Trust Management Issue Vulnerability
PLANET switch devices are a family of switch devices from PLANET Corporation in China. A trust management issue vulnerability exists in PLANET switch devices, which arises from hard-coded credentials in a particular command line interface, allowing a remote attacker with regular privileges to log...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware
EN Is a Proof of Concept (PoC) script to check for vulnerabil...
PT-2024-39018 · Planet Technology · Planet Technology Switch
Name of the Vulnerable Software and Affected Versions: PLANET Technology switch models (affected versions not specified). Description: The issue concerns a hard-coded credential in the command-line interface of certain switch models from PLANET Technology. This allows remote attackers with regular...
PT-2024-10341 · Fortinet · Fortirecorder
Name of the Vulnerable Software and Affected Versions: Fortinet FortiRecorder versions 7.2.0 through 7.2.1; Fortinet FortiRecorder versions prior to 7.0.4. Description: The issue is related to a path traversal vulnerability, which allows a privileged attacker to access and delete files from the...
CVE-2024-20437
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for...
CVEs
It is an offensive tool for web exploitation. This repository co...
Could not open websocket connection please try by login again /nsconfig/sshd_config.
After Upgrade to 13.1 53.17, the customer is not able to do several actions in the Netscaler, including generate the support bundle from the GUI or connect to the CLI through the GUI, error: Could not open websocket connection. Please try by login again...
CVE-2024-42503 Authenticated Remote Command Execution (RCE) Vulnerability in the Lua Package Within the AOS Command Line Interface (CLI)
An authenticated command execution vulnerability exists in the ArubaOS command line interface (CLI). Successful exploitation of this vulnerability results in the ability to run arbitrary commands as a privileged user on the underlying operating system...
CVE-2024-42502 Authenticated Remote Command Execution (RCE) Vulnerability in the AOS Command Line Interface
An authenticated command injection vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to inject shell commands on the underlying operating system...
The vulnerability of the command-line interface of the Cisco NX-OS operating system in Cisco Nexus switches allows a perpetrator to execute arbitrary commands.
The vulnerability of the command-line interface of the Cisco NX-OS operating system in Cisco Nexus switches exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability can allow an attacker to execute arbitrary commands on the underlying operating system...
CVE-2024-8688 PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI)
An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to read arbitrary files on the firewall...
CVE-2024-8688
CVE-2024-8688: A local, authenticated-admin vulnerability in Palo Alto Networks PAN-OS CLI allows reading arbitrary files on the firewall via improper neutralization of matching symbols. Affected PAN-OS versions include PAN-OS 9.1.x before 9.1.15, 10.0.x before 10.0.10, and 10.1.x before 10.1.1 (...
PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI)
An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to read arbitrary files on the firewall. Workaround: No workaround available...