7 matches found
EUVD-2024-54921
Malicious code in bioql PyPI...
CVE-2024-13985
A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated remote attackers to execute arbitrary system commands via the capturehandle.action interface. The flaw stems from improper input validation in the captureCommand parameter, which is processed without...
CVE-2024-13985 Dahua EIMS capture_handle.action RCE
A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated remote attackers to execute arbitrary system commands via the capturehandle.action interface. The flaw stems from improper input validation in the captureCommand parameter, which is processed without...
CVE-2024-13985 Dahua EIMS capture_handle.action RCE
A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated remote attackers to execute arbitrary system commands via the capturehandle.action interface. The flaw stems from improper input validation in the captureCommand parameter, which is processed without...
CVE-2024-13985
CVE-2024-13985 – Dahua EIMS : A command injection flaw affects Dahua EIMS versions prior to 2240008. The issue stems from improper input validation of the captureCommand parameter in the capture_handle.action API, allowing unauthenticated remote attackers to inject OS commands and potentially ful...
VulnCheck KEV: CVE-2024-13985
A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated remote attackers to execute arbitrary system commands via the capturehandle.action interface. The flaw stems from improper input validation in the captureCommand parameter, which is processed without...
Command Execution Vulnerability in Dahua EIMS System of Zhejiang Dahua Technology Co.
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. A command execution vulnerability exists in the Dahua EIMS system of Zhejiang Dahua Technology Co. Ltd, which can be exploited by attackers to gain server...