CVE-2020-36986

Prey 1.9.6 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the CronService to insert malicious code that would execute during application startup or system reboot...

CVE-2020-36986 Prey 1.9.6 - "CronService" Unquoted Service Path

Prey 1.9.6 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the CronService to insert malicious code that would execute during application startup or system reboot...

EUVD-2020-30894

Prey 1.9.6 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the CronService to insert malicious code that would execute during application startup or system reboot...

PT-2026-5112

Prey 1.9.6 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the CronService to insert malicious code that would execute during application startup or system reboot...

Configure at and cron Services Properly

The at service is used to execute simple tasks once, and the cron service is used to execute periodic and scheduled tasks. In the cron command, the /etc/cron.deny file is the blocklist configuration file, and the /etc/cron.allow file is the allowlist configuration file, which is absent by default...

Openmediavault < 0.5.32 Privilege Escalation Vulnerability

Openmediavault is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Prey 1.9.6 Unquoted Service Path

Exploit Title: Prey 1.9.6 - "CronService" Unquoted Service Path Discovery by: Ömer Tuygun Discovery Date:16.10.2020 Vendor Homepage: https://preyproject.com/ Software Link: https://preyproject.com/download/ Tested Version: 1.9.6 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 P...

CVE-2013-3632

The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter...

Command injection

The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter...

CVE-2013-3632

The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter...

CVE-2013-3632

CVE-2013-3632 concerns OpenMediaVault’s rpc.php Cron service, where an authenticated user can schedule cron jobs as arbitrary users and execute commands via the username parameter. The connected sources confirm practical exploitation via Metasploit modules targeting OpenMediaVault, describing rem...