1775 matches found

Citrix
added 2023/07/03 12:0 a.m. · 7 views

How to Change the Maximum Segment Size on a NetScaler Appliance

This article describes how to change the Maximum Segment Size (MSS) for all sourced packets from a NetScaler appliance. Requirements: command line access to the NetScaler appliance through the console or a Secure Shell (SSH) client; general knowledge of the NetScaler Command Line Interface (CLI) and UNIX...

7.1 AI score
Exploits 0

BDU FSTEC
added 2023/06/30 12:0 a.m. · 2 views

The vulnerability of the command-line interface (CLI) of the FortiADC application controller allows an attacker to execute arbitrary commands.

The vulnerability of the command-line interface (CLI) of the FortiADC application controller is related to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

6.7 CVSS · 7.5 AI score · 0.00205 EPSS
Exploits 0 · References 4 · Affected Software 1

BDU FSTEC
added 2023/06/20 12:0 a.m. · 1 views

The vulnerability of the command-line interface (CLI) of microprogramming software for Cisco TelePresence Collaboration Endpoint conference connection devices and Cisco RoomOS operating systems arises from lack of access control mechanisms. This allows attackers to circumvent access restrictions.

The vulnerability of the command-line interface (CLI) of microprogramming software for Cisco TelePresence Collaboration Endpoint conference call controllers and Cisco RoomOS operating systems is related to access control deficiencies. Exploiting this vulnerability can allow attackers to bypass acce...

4.4 CVSS · 5.5 AI score · 0.00192 EPSS
Exploits 0 · References 2 · Affected Software 2

BDU FSTEC
added 2023/06/16 12:0 a.m. · 2 views

The vulnerability of the command-line interface (CLI) of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server (VCS) micro-programming software for device management allows a perpetrator to gain increased privileges.

The vulnerability of the command-line interface (CLI) of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server (VCS) micro-programming software for device management involves shortcomings in role-based access control. Exploiting this vulnerability can allow...

8.4 CVSS · 7.5 AI score · 0.00656 EPSS
Exploits 0 · References 2 · Affected Software 2

ATTACKERKB
added 2023/06/13 9:15 a.m. · 2 views

CVE-2023-26210

Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities (CWE-78) in Fortinet allow a local authenticated attacker to execute arbitrary shell code as root user via crafted CLI requests...

7.8 CVSS · 6.1 AI score · 0.00496 EPSS
Exploits 0 · References 2 · Affected Software 2

Positive Technologies
added 2023/06/12 12:0 a.m. · 3 views

PT-2023-3233 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.0 through 7.2.3; FortiProxy versions 1.0 through 7.2.2. Description: The issue is related to an out-of-bounds write in memory, which can be exploited to allow an attacker to escalate their privileges. This can be achieved via...

7.8 CVSS · 7.7 AI score · 0.00188 EPSS
Exploits 0 · References 6

Positive Technologies
added 2023/06/09 12:0 a.m. · 4 views

PT-2023-3350 · Fortinet · Fortiadcmanager +1

Name of the Vulnerable Software and Affected Versions: FortiADC Manager versions prior to 7.1.0; FortiADC versions 7.0.0 through 7.1.2; FortiADC version 7.2.0. Description: The issue is related to the improper neutralization of special elements used in an operating system command, which can be...

7.8 CVSS · 7.6 AI score · 0.00496 EPSS
Exploits 0 · References 3

NVD
added 2023/06/07 5:15 p.m. · 16 views

CVE-2023-2013

An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. An issue was found that allows someone to abuse a discrepancy between the Web application display a...

4.3 CVSS · 4 AI score · 0.0069 EPSS
Exploits 0 · References 3

BDU FSTEC
added 2023/06/07 12:0 a.m. · 2 views

The vulnerability of the command-line interface (CLI) of microprogramming software for Cisco TelePresence Collaboration Endpoint devices and Cisco RoomOS operating systems, related to access control deficiencies, allows a perpetrator to rerecord arbitrary files.

The vulnerability of the command-line interface (CLI) of microprogramming software for Cisco TelePresence Collaboration Endpoint devices and Cisco RoomOS operating systems is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to re-record arbitrary files...

4.4 CVSS · 5.6 AI score · 0.00192 EPSS
Exploits 0 · References 2 · Affected Software 2

Positive Technologies
added 2023/06/07 12:0 a.m. · 4 views

PT-2023-3112 · Cisco · Cisco Telepresence Video Communication Server +1

Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series (affected versions not specified); Cisco TelePresence Video Communication Server (VCS) (affected versions not specified). Description: The issue is related to insufficient role-based access control in the CLI...

9.6 CVSS · 7.3 AI score · 0.00656 EPSS
Exploits 0 · References 5

CVE
added 2023/06/07 12:0 a.m. · 71 views

CVE-2023-2013

CVE-2023-2013 affects GitLab CE/EE with versions starting from 1.2 up to 15.10.8, versions from 15.11 up to 15.11.7, and 16.0 up to 16.0.2. The issue arises from a discrepancy between the web application display and the Git CLI, which can be abused to social engineer victims into cloning non-trus...

4.3 CVSS · 4.2 AI score · 0.0069 EPSS
Exploits 0 · References 3 · Affected Software 1

CNNVD
added 2023/06/02 12:0 a.m. · 3 views

Silicon Labs Gecko SDK Security Vulnerability

The Silicon Labs Gecko SDK (GSDK) is an open source library from Silicon Labs. It combines the Silicon Labs Wireless Software Development Kit (SDK) and the Gecko platform into one integrated package. A security vulnerability exists in Silicon Labs Gecko SDK v4.2.1 and prior versions, which stems from a...

3.3 CVSS · 5.3 AI score · 0.00249 EPSS
Exploits 0 · References 3

BDU FSTEC
added 2023/06/02 12:0 a.m. · 1 views

The vulnerability of the command-line interface (CLI) of the Cisco Email Security Appliance allows a perpetrator to execute arbitrary commands.

The vulnerability of the command-line interface (CLI) of the Cisco Email Security Appliance relates to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability can allow an attacker to execute arbitrary commands...

6 CVSS · 7.3 AI score · 0.00362 EPSS
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2023/05/31 12:0 a.m. · 3 views

The vulnerability of the command-line interface (CLI) of Cisco NX-OS and Cisco FXOS routers of Cisco UCS Fabric Interconnect allows an attacker to execute arbitrary code.

The vulnerability of the command-line interface (CLI) of Cisco NX-OS and Cisco FXOS router operating systems from Cisco UCS Fabric Interconnect is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code with root privileges on the...

7.8 CVSS · 7.6 AI score · 0.00431 EPSS
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2023/05/29 12:0 a.m. · 2 views

The vulnerability of the command-line interface of the Aruba EdgeConnect Enterprise network management platform allows an attacker to execute arbitrary commands with root privileges.

The vulnerability of the command-line interface of the Aruba EdgeConnect Enterprise network management platform exists due to the lack of measures taken to neutralize special elements used in the operating system’s command line. Exploiting this vulnerability allows a remote attacker to execute...

8.3 CVSS · 8 AI score · 0.0108 EPSS
Exploits 0 · References 5 · Affected Software 1

BDU FSTEC
added 2023/05/22 12:0 a.m. · 3 views

The vulnerability of the Command Line Interface (CLI) of the Cisco Identity Services Engine (ISE) management platform allows a hacker to escape from the isolated software environment and elevate their privileges to the root level.

The vulnerability of the Command Line Interface (CLI) of the Cisco Identity Services Engine (ISE) management platform relates to deficiencies in the name checking of paths to restricted directories. Exploiting this vulnerability could allow an attacker to exit from an isolated software environment and...

6.2 CVSS · 6.6 AI score · 0.00221 EPSS
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2023/05/22 12:0 a.m. · 2 views

The vulnerability of the Command Line Interface (CLI) of the Cisco Identity Services Engine (ISE) management platform allows a hacker to execute arbitrary commands and elevate their privileges to the root level.

The vulnerability of the Command Line Interface (CLI) of the Cisco Identity Services Engine (ISE) platform exists because measures are not taken to neutralize the special commands used in the operating system command line. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

6.2 CVSS · 7.5 AI score · 0.01188 EPSS
Exploits 0 · References 3 · Affected Software 1

RedHat Linux
added 2023/05/18 1:1 p.m. · 3 views

Jenkins: Temporary file parameter created with insecure permissions

A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the defau...

4.4 CVSS · 7.3 AI score · 0.00244 EPSS
Exploits 0 · References 5

RedHat Linux
added 2023/05/17 5:53 p.m. · 4 views

Jenkins: Temporary file parameter created with insecure permissions

A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the defau...

4.4 CVSS · 7.3 AI score · 0.00244 EPSS
Exploits 0 · References 5

OSV
added 2023/05/16 7:15 p.m. · 0 views

CVE-2023-30503

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as root on the...

8.8 CVSS · 7.6 AI score
Exploits 0 · References 1