4 matches found
CVE-2022-42457
Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches runupdate in /usr/bin/gxserve-update.sh e.g., command execution can occur via a reverse shell installed by install.sh...
Generex UPS Adapter CS141 Authenticated Remote Code Execution (CVE-2022-42457)
Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches runupdate in /usr/bin/gxserve-update.sh e.g., command execution can occur via a reverse shell installed by install.sh. This plugin only works with Tenable.ot. Please visit...
CVE-2022-42457
Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches runupdate in /usr/bin/gxserve-update.sh e.g., command execution can occur via a reverse shell installed by install.sh...
CVE-2022-42457
Generex CS141 (UPS Adapter) has a remote code execution in versions up to 2.10 via the web interface calling run_update in /usr/bin/gxserve-update.sh, which extracts and executes install.sh from a tarball (untested tarball payload). Public evidence across multiple sources (RH advisory, CNVD, CNNV...