15 matches found
EUVD-2022-29031
Malicious code in bioql PyPI...
Riello UPS Restricted Shell Bypass Vulnerability
Riello UPS systems can have their restricted configuration shell bypassed to gain full underlying operating system access. I. VULNERABILITY: Riello UPS systems make it easy to escape the configuration shell and gain access to the operating system. II. VENDOR...
CVE-2022-24119
Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0...
CVE-2022-24119
Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0...
CVE-2022-24119
Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0...
CVE-2022-24119
The CVE-2022-24119 entry affects General Electric Renewable Energy iNET and iNET II radios with firmware before 8.3.0, due to a hidden, undocumented feature that allows unauthenticated remote access to the device configuration shell (CWE-912). This can enable full control of the configuration ove...
PT-2022-3898 · General Electric · Inet +1
Name of the Vulnerable Software and Affected Versions: General Electric Renewable Energy iNET versions prior to 8.3.0; General Electric Renewable Energy iNET II versions prior to 8.3.0. Description: The issue is related to the presence of undocumented configuration commands in the software of Gener...
CVE-2021-37915
An issue was discovered on the Grandstream HT801 Analog Telephone Adaptor before 1.0.29.8. From the limited configuration shell, it is possible to set the malicious gdb_debug_server variable. As a result, after a reboot, the device downloads and executes malicious scripts from an attacker-defined...
Design/Logic Flaw
An issue was discovered on the Grandstream HT801 Analog Telephone Adaptor before 1.0.29.8. From the limited configuration shell, it is possible to set the malicious gdb_debug_server variable. As a result, after a reboot, the device downloads and executes malicious scripts from an attacker-defined...
CVE-2021-37915
The CVE-2021-37915 entry affects Grandstream HT801 Analog Telephone Adapters prior to firmware 1.0.29.8. The root cause is in the limited configuration shell, where an attacker can set the gdb_debug_server variable during configuration; after reboot, the device downloads and executes scripts from...
CVE-2021-37915
An issue was discovered on the Grandstream HT801 Analog Telephone Adaptor before 1.0.29.8. From the limited configuration shell, it is possible to set the malicious gdb_debug_server variable. As a result, after a reboot, the device downloads and executes malicious scripts from an attacker-defined...
Cisco Meeting Server CLI Command Injection Vulnerability
Cisco Meeting Server is a video conferencing solution from Cisco that combines place-based video, audio, and Web communications to meet the collaboration needs of the modern workplace. A command injection vulnerability exists in the CLI configuration shell of Cisco Meeting Server. The vulnerabili...
Brocade Fabric OS Restricted Configuration Shell Bypass Vulnerability
Fabric OS is the firmware for Brocade Communications Systems' Fibre Channel switches and Fibre Channel controllers. A restricted configuration shell bypass vulnerability exists in the Secure Shell implementation of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, and 7.4.2d. A local attacker can...
Authentication flaw
A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell...
CVE-2018-6441
A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell...