1775 matches found
GHSA-66M2-493M-CRH2 Searchor CLI's Search vulnerable to Arbitrary Code using Eval
An issue in Arjun Sharda's Searchor before version v.2.4.2 allows an attacker to execute arbitrary code via a crafted script to the eval function in Searchor's src/searchor/main.py file, affecting the search feature in Searchor's CLI (Command Line Interface). Impact: Versions equal to, or below 2.4....
PT-2023-28807 · Searchor · Searchor
Name of the Vulnerable Software and Affected Versions: Searchor versions prior to 2.4.2 Description: The issue allows an attacker to execute arbitrary code via a crafted script to the eval function in Searchor's main.py file, affecting the search feature in Searchor's Command Line Interface. This...
OESA-2023-1627 rubygem-railties security update
Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible for gluing all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages the rails command line interface; provides the Rails generators core; Security Fixes:...
canTot
This is a Python-based CLI framework called "canTot" that is designed for CAN Bus hacking and exploitation. It is similar to an exploit framework but focused on known CAN Bus vulnerabilities or "fun CAN Bus hacks." The framework is made up of several modules, each with its own specific...
The vulnerability of the command-line interface of Cisco ThousandEyes Enterprise Agent allows a hacker to elevate their privileges to the root level.
The vulnerability of the command-line interface of Cisco ThousandEyes Enterprise Agent software relates to the implementation or modification of arguments. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...
CVE-2023-39267
An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Successful exploitation results in a Denial-of-Service (DoS) condition in the switch...
CVE-2023-39267 Authenticated Denial of Service Vulnerability in ArubaOS-Switch Command Line Interface
An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Successful exploitation results in a Denial-of-Service (DoS) condition in the switch...
VMware Aria Operations Cryptographic Issue Vulnerability
VMware Aria Operations is a unified, AI-powered, self-driving IT operations management platform for private, hybrid and multi-cloud environments from VMware. Aria Operations for Networks has a security vulnerability that stems from a lack of unique cryptographic key generation, resulting in an...
PT-2023-26857 · Aruba · Arubaos-Switch
Name of the Vulnerable Software and Affected Versions: ArubaOS-Switch affected versions not specified Description: An authenticated remote code execution issue exists in the command line interface of ArubaOS-Switch. Successful exploitation can result in a Denial-of-Service (DoS) condition in the...
The vulnerability of the command-line interface (CLI) of D-Link DAP-2622 wireless access point’s software allows a hacker to gain increased privileges.
The vulnerability of the command-line interface (CLI) of the D-Link DAP-2622 wireless access point’s firmware relates to the use of hard-coded credentials. Exploiting this vulnerability allows a malicious actor to escalate their privileges by bypassing the...
PT-2023-5034 · Cisco · Cisco Fxos
Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software affected versions not specified Description: A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device,...
CVE-2023-29182
A stack-based buffer overflow vulnerability (CWE-121) in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections...
PT-2023-7251 · Zyxel · Zyxel Usg Flex Series +3
Name of the Vulnerable Software and Affected Versions: Zyxel ATP series version 5.37; Zyxel USG FLEX series version 5.37; Zyxel USG FLEX 50W series version 5.37; Zyxel USG20W-VPN series version 5.37. Description: A buffer overflow issue in the firmware could allow an authenticated local attacker with...
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker cou...
PT-2023-17416 · Cisco · Cisco Thousandeyes Enterprise Agent
Name of the Vulnerable Software and Affected Versions: Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type affected versions not specified Description: A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker to elevate...
CVE-2023-3718
An authenticated command injection vulnerability exists in the AOS-CX command line interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands on the underlying operating system as a privileged user on the affected switch. This allows an attacker ...
PT-2023-25820 · Aruba · Aos-Cx
Name of the Vulnerable Software and Affected Versions: AOS-CX affected versions not specified Description: An authenticated command injection issue exists in the command line interface, allowing successful exploitation to execute arbitrary commands on the underlying operating system as a privileg...
The vulnerability of the command-line interface of FortiOS operating systems allows a hacker to execute arbitrary commands.
The vulnerability of the command-line interface in FortiOS systems is related to incorrect session duration settings. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the command-line interface of the FortiExtender signal booster software allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the command-line interface of the FortiExtender signal booster software is related to incorrect restrictions on the path name to the restricted-access directory. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protecte...