11 matches found
CVE-2026-44712
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $id/tmp/rce in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID some controllers allow this can inject the payload a...
CVE-2026-44712
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $id/tmp/rce in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID some controllers allow this can inject the payload a...
EUVD-2026-32662
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $id/tmp/rce in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID some controllers allow this can inject the payload a...
CVE-2026-44712
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $id/tmp/rce in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID some controllers allow this can inject the payload a...
CVE-2026-44712 pam_usb: Shell injection via device UUID and username in pamusb-conf and pamusb-agent
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $id/tmp/rce in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID some controllers allow this can inject the payload a...
pam_usb 参数注入漏洞
pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contained a parameter injection vulnerability. This vulnerability stems from the use of specially crafted UUIDs in configurations e.g., $id/tmp/rce,...
PT-2026-44112
Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.8.7 Description An issue exists in the hardware authentication system for Linux where shell injection can occur. A crafted UUID in the configuration can lead to root remote code execution when the pamusb-conf...
Remote Code Execution (RCE)
openshift-origin-node-util is vulnerable to remote code execution RCE attacks. The vulnerability exists as node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATHINFO...
CVE-2012-5646
node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATHINFO...
CVE-2012-5646
node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATHINFO...
PT-2013-1820 · Red Hat · Red Hat Openshift Origin
Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Origin versions prior to 1.0.5-3 Description: The issue allows remote attackers to execute arbitrary commands via a crafted uuid in the PATH INFO. Recommendations: For versions prior to 1.0.5-3, update to version 1.0.5-3 or...