CVE-2018-20943

cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task SEC-352...

CVE-2018-20940

cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups SEC-342...

CVE-2018-20927

cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing SEC-382...

CVE-1999-1589

Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors...

Configure the Scripts Executed by crontab to Be Writable Only by Their Owners

crontab is the configuration file used by the system to execute scheduled tasks. The path of the configuration file is /etc/crontab. With crontab, the OS automatically executes the tasks defined by the administrator based on service requirements. Therefore, the execution scripts or programs...

CVE-2024-12390

A vulnerability in binary-husky/gptacademic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR files without proper validation. The Python rarfile module, which supports symlinks, can be exploited to perform arbitrary file writes. Th...

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks

Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized ...

Openmediavault Remote Code Execution / Local Privilege Escalation Exploit

Openmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting the root shell. As a result of exploiting the vulnerability, authenticated web-admin users can run commands with root privileges and receive revers...

n0Mac - Yet Another Mac Changer!!!

This script changes the MAC address of the network interface to a randomly generated address on system startup using crontab. It then uses the macchanger command to generate a list of MAC address vendors and selects one at random and then combines that vendor prefix with a randomly generated suff...

The vulnerability of crontabs in the macOS operating system allows a hacker to elevate their privileges to root level.

The vulnerability of crontabs in the macOS operating system relates to deficiencies in access control. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

D3m0n1z3dShell - Demonized Shell Is An Advanced Tool For Persistence In Linux

Demonized Shell is an Advanced Tool for persistence in linux. Install git clone https://github.com/MatheuZSecurity/D3m0n1z3dShell.git cd D3m0n1z3dShell chmod +x demonizedshell.sh sudo ./demonizedshell.sh One-Liner Install Download D3m0n1z3dShell with all files: curl -L...

CVE-2023-50922

An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the AdminToken cookie can execute arbitrary code by uploading a crontab-formatted file to a specific directory and waiting for its execution. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000...

CVE-2023-50922

An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the AdminToken cookie can execute arbitrary code by uploading a crontab-formatted file to a specific directory and waiting for its execution. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000...

CVE-2023-50922

An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the AdminToken cookie can execute arbitrary code by uploading a crontab-formatted file to a specific directory and waiting for its execution. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000...

Various GL.iNet products Security Breach

GL.iNet MT3000 and others are products of China-based GL.iNet GL.iNet.GL.iNet MT3000 is an AX3000 portable router that uses the Wi-Fi 6 protocol.GL.iNet MT2500 is a router.GL.iNet MT6000 is a router. A security vulnerability exists in various GL.iNet products that originated from a vulnerability...

How to auto execute shell command at a regular time every day using crontab

This article outlines the method to schedule a shell command at a regular time every day using crontab in an ADC...

SUSE CVE-2005-1038

crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235...

SUSE CVE-2012-6097

File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab...

SUSE CVE-2018-12029

A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passengerinstanceregistrydir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but befor...

SUSE CVE-2019-9704

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service daemon crash via a large crontab file because the calloc return value is not checked...