12 matches found
EUVD-2022-53186
Malicious code in bioql PyPI...
The vulnerability of the requestTempFile function in the web interface of the unified console consolidation platform for backup and archiving FUJITSU ETERNUS CS8000 allows a hacker to execute arbitrary commands.
The vulnerability of the requestTempFile function in the web interface of the unified console consolidation platform for backup and archiving FUJITSU ETERNUS CS8000 relates to the possibility of executing commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary comman...
CVE-2022-31795
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the grelfinfo function in grel.php. An attacker is able to influence the username user, password pw, and file-name file parameters and inject special characters...
CVE-2022-31794
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hwview.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons,...
CVE-2022-31795
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the grelfinfo function in grel.php. An attacker is able to influence the username user, password pw, and file-name file parameters and inject special characters...
Design/Logic Flaw
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the grelfinfo function in grel.php. An attacker is able to influence the username user, password pw, and file-name file parameters and inject special characters...
Design/Logic Flaw
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hwview.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons,...
CVE-2022-31795
CVE-2022-31795 affects Fujitsu ETERNUS CentricStor CS8000 Control Center before 8.1A SP02 P04. The vulnerability resides in grel_finfo() in grel.php; an attacker can influence username (user), password (pw), and file-name (file) parameters to inject characters (e.g., semicolons, backticks, comman...
CVE-2022-31795
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the grelfinfo function in grel.php. An attacker is able to influence the username user, password pw, and file-name file parameters and inject special characters...
CVE-2022-31794
CVE-2022-31794 affects Fujitsu ETERNUS CentricStor CS8000 Control Center prior to 8.1A SP02 P04. The issue is in hw_view.php: the function requestTempFile can be influenced via the unitName POST parameter, allowing an attacker to inject special characters (e.g., semicolons, backticks, command-sub...
Fujitsu ETERNUS CentricStor CS8000 操作系统命令注入漏洞
The Fujitsu ETERNUS CentricStor CS8000 is a unified backup and archiving platform from Fujitsu, Japan. for mainframe and open systems backup, archiving, secondary and object storage. A security vulnerability exists in Fujitsu ETERNUS CentricStor CS8000 version 8.1A SP02 P04, which can be injected...
The vulnerability in the hw_view.php script of the web interface of the unified console consolidation platform for backup and archiving FUJITSU ETERNUS CS8000 allows a perpetrator to execute arbitrary code and gain elevated privileges.
The vulnerability of the hwview.php web interface of the unified console consolidation platform for backup and archiving FUJITSU ETERNUS CS8000 relates to the possibility of executing commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and gain elevated...