6 matches found
cskedah.uitm.edu.my Improper Access Control vulnerability
Open Bug Bounty ID: OBB-1145241 Security Researcher singhnitesh21 Helped patch 185 vulnerabilities Received 4 Coordinated Disclosure badges Received 4 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting cskedah.uitm.edu.my...
HP ThinPro 6.x / 7.x Citrix Command Injection Vulnerability
HP ThinPro - Citrix command injection =============================================================================== Identifiers ------------------------------------------------- CVE-2019-18909 CVSSv3 score ------------------------------------------------- 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N...
HP ThinPro 6.x / 7.x Citrix Command Injection
HP ThinPro - Citrix command injection =============================================================================== Identifiers ------------------------------------------------- CVE-2019-18909 CVSSv3 score ------------------------------------------------- 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N...
CVE-2019-18909
The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...
CVE-2019-18909
HP ThinPro VPN command-injection (CVE-2019-18909) arises from unsafe handling of user input, enabling potential command execution with root privileges. Affected HP ThinPro Linux versions include 6.2, 6.2.1, 7.0, and 7.1 (Citrix-related component in 6.x/7.x). The issue is documented across multipl...
HPSBHF03642 rev. 2 - HP ThinPro Linux Information Disclosure and Privilege Escalation
Potential Security Impact Information Disclosure, Privilege Escalation, and Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported by: Eldar Marcussen - xen1thLabs - Software Labs PSR-2019-0173, CVE-2019-16285, CVE-2019-16286, CVE-2019-16287, CVE-2019-18909,...