Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:49 a.m.16 views

CVE-2023-3267

When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with...

9.1CVSS7.8AI score0.01683EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/14 4:11 a.m.12 views

CVE-2023-3267

When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with...

9.1CVSS7.8AI score0.01683EPSS
Exploits0References1
CVE
CVE
added 2023/08/14 4:11 a.m.50 views

CVE-2023-3267

CVE-2023-3267 affects CyberPower PowerPanel Enterprise DCIM. The vulnerability is an OS command injection where an authenticated user can place arbitrary commands in the username field, which is passed un-sanitized into CMD running with SYSTEM privileges. This yields authenticated remote code exe...

9.1CVSS8.8AI score0.01683EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/14 4:11 a.m.35 views

CVE-2023-3267

When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with...

9.1CVSS9.6AI score0.01683EPSS
Exploits0References1
Rows per page
Query Builder