DOMOS 5.5 - Local File Inclusion

SECUDOS DOMOS before 5.6 allows local file inclusion via the log module. id: CVE-2019-18665 info: name: DOMOS 5.5 - Local File Inclusion author: 0xAkoko severity: high description: | SECUDOS DOMOS before 5.6 allows local file inclusion via the log module. impact: | Successful exploitation of this...

CVE-2019-18664

The Log module in SECUDOS DOMOS before 5.6 allows XSS...

CVE-2019-18665

The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion...

EUVD-2019-8381

Malware in sbrugna...

EUVD-2023-44932

Malicious code in bioql PyPI...

CVE-2020-14293

confdatetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field obtained from the web interface...

CVE-2023-40361

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

CVE-2023-40361

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

CVE-2023-40361

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

Design/Logic Flaw

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

CVE-2023-40361

CVE-2023-40361 affects SECUDOS Qiata (DOMOS OS) 4.13. The issue arises from insecure permissions on the previewRm.sh daily cronjob: every user on the system has write access to previewRm.sh, which is executed by root, enabling a low-privilege user to modify the script and potentially escalate pri...

CVE-2023-40361

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

CVE-2023-40361

SECUDOS Qiata DOMOS OS 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user...

secudos qiata fta security breach

secudos qiata fta is a secure file transfer software from Secudos Germany. The software is suitable for file operations between teams and complies with the GDPR protocol for data security. A security vulnerability exists in SECUDOS Qiata version 4.13, which stems from the presence of insecure...

CVE-2020-14293

confdatetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field obtained from the web interface...

CVE-2020-14293

confdatetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field obtained from the web interface...

Design/Logic Flaw

confdatetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field obtained from the web interface...

CVE-2020-14293

confdatetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field obtained from the web interface...

CVE-2020-14293

CVE-2020-14293 affects Secudos DOMOS 5.8 (OS Command Injection). The issue arises from insufficient input validation of user-provided data, allowing remote attackers to inject shell commands via the zone field in the web interface, potentially gaining root privileges. Public disclosures and advis...

DOMOS 5.8 Command Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2020-025 Product: DOMOS Manufacturer: Secudos GmbH Affected Versions: = DOMOS 5.8 Tested Versions: DOMOS 5.8 Vulnerability Type: OS Command Injection CWE-78 Risk Level: Low Solution Status: Solved Manufacturer Notification:...