PT-2024-4087 · Fortinet · Fortios
Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 6.0 through 7.4.2 Description: A stack-based buffer overflow in the command line interpreter of FortiOS allows an attacker to execute unauthorized code or commands via specially crafted command line arguments. This...
Fortinet FortiOS Security Vulnerabilities
Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fortinet. The system provides users with firewall, antivirus, IPSec/SSL VPN, web content filtering, anti-spam and other security features. A security...
CVE-2024-23669
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...
Fortinet FortiWebManager Authorization Issues Vulnerability
Fortinet FortiWebManager is a web application firewall from the U.S. company Fortinet. Fortinet FortiWebManager suffers from an authorization issue vulnerability that can be exploited by an attacker to execute unauthorized code or commands via HTTP requests or the CLI...
CVE-2024-23670
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...
The vulnerability of the Command Line Interface (CLI) of the Cisco Network Services Orchestrator software environment allows a malicious actor to elevate their privileges to the root user level. This vulnerability enables a hacker to gain control over network elements called ConfD.
The vulnerability of the command-line interface CLI of the Cisco Network Services Orchestrator software environment relates to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root user level...
OESA-2024-1659 python-tqdm security update
tqdm derives from the Arabic word taqaddum which can mean "progress". Instantly make your loops show a smart progress meter - just wrap any iterable with tqdm(iterable), and you are done! Security Fixes: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments...
Fortinet Fortigate - Format String in CLI command (FG-IR-23-413)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-413 advisory. - A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.1 and below, version 7.2.7 and...
The vulnerability of the command-line interface of FortiOS operating systems allows a hacker to execute arbitrary code by sending specially crafted requests.
The vulnerability of the command-line interface of FortiOS operating systems is related to the use of uncontrolled format strings when processing binary files. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted requests...
Cisco Crosswork Network Services Orchestrator Security Vulnerability
Cisco Crosswork Network Services Orchestrator is a network automation and orchestration platform from Cisco. A security vulnerability exists in the Cisco Crosswork Network Services Orchestrator CLI, ConfD CLI, which arises from improper execution of authorization when using certain CLI commands a...
PT-2024-3855 · Cisco · Cisco Crosswork Network Services Orchestrator
Name of the Vulnerable Software and Affected Versions: ConfD (affected versions not specified); Cisco Crosswork Network Services Orchestrator (affected versions not specified). Description: A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI coul...
CVE-2024-31483
An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system...
CVE-2024-31480
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service...
CVE-2024-31481
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service...
CVE-2024-31477
Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system...
CVE-2024-31467
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities resul...
CVE-2024-31466
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities resul...
Aruba Networks ArubaOS and InstantOS Security Vulnerabilities
Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc. Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches. Aruba Networks InstantOS is an Arch Linux-based distribution...
PT-2024-24114 · Hewlett Packard +1 · Aos-8 Instant/Aos-10 Ap +4
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these...
PT-2024-24113 · Hewlett Packard +1 · Aos-8 Instant/Aos-10 Ap +4
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these...