CVE-2026-44260 efw4.X: readonly Flag Not Enforced Server-Side

efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...

PT-2026-40446

Name of the Vulnerable Software and Affected Versions efw4.X versions prior to 4.08.010 Description The readonly flag in the '' JSP tag is intended to prevent file modifications. When protected=true, the elfinder checkRisk function ensures the client sends readonly=true to match the session value...

EFW Framework 命令注入漏洞

EFW Framework is an enterprise-level web development framework developed by the efw group, based on Ajax and server-side JavaScript. Versions of the EFW Framework prior to 4.08.010 contained a command injection vulnerability. This vulnerability stemmed from the lack of proper path checking in...

EFW Framework 操作系统命令注入漏洞

EFW Framework is an enterprise-level web development framework developed by the efw group, based on Ajax and server-side JavaScript. Versions prior to EFW Framework 4.08.010 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the lack of...

EFW Framework 安全漏洞

EFW Framework is an enterprise-level web development framework developed by the efw group, based on Ajax and server-side JavaScript. Versions of the EFW Framework prior to 4.08.010 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the “readonly” flag only...

EFW Framework 安全漏洞

EFW Framework is an enterprise-level web development framework developed by the efw group, based on Ajax and server-side JavaScript. Versions of the EFW Framework prior to 4.08.010 contained security vulnerabilities. These vulnerabilities stemmed from the previewServlet not performing content...

PT-2026-34971

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA fireworks component where the system fails to properly validate the status field in an EFW response. This field is a 32-bit value supplied by the firewire...

CVE-2026-0123

In EfwApTransport::ProcessRxRing of efwaptransport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0123

In EfwApTransport::ProcessRxRing of efwaptransport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0123

In EfwApTransport::ProcessRxRing of efwaptransport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0123

In EfwApTransport::ProcessRxRing of efwaptransport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-24452

In EfwApTransport::ProcessRxRing of efw ap transport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-430693465

In EfwApTransport::ProcessRxRing of efwaptransport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

efw (=0.1.0) potentially affected by CVE-2020-36209 via late-static (=0.3.0)

late-static CARGO version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on late-static and may be impacted: - efw =0.1.0 Source cves: CVE-2020-36209 Source advisory: OSV:GHSA-WR55-MF5C-HHWM...

CVE-2021-27201

CVE-2021-27201 affects Endian Firewall Community (EFW) 3.3.2. The vulnerability allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in a backup comment. The connected sources (NVD, Red Hat, CVE listing) confirm the issue; no remediation details are provided...

efw (=0.1.0) potentially affected by CVE-2020-36209 via late-static (=0.3.0)

late-static CARGO version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on late-static and may be impacted: - efw =0.1.0 Source cves: CVE-2020-36209 Source advisory: OSV:RUSTSEC-2020-0102...

Endian Firewall Proxy Password Change Command Injection Exploit

This Metasploit module exploits an OS command injection vulnerability in a web-accessible CGI script used to change passwords for locally-defined proxy user accounts. Valid credentials for such an account are required. Command execution will be in the context of the "nobody" account, but this...

Endian Firewall - Password Change Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Endian Firewall Proxy Password Change Command Injection', 'Description' = %q This module exploits an OS command injection...

Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Endian Firewall %q This module exploits an OS command injection vulnerability in a web-accessible CGI script used to change password...

CVE-2007-2053

Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via 1 a long LastModified value in an S3 XML response in lib/s3.cpp; 2 a long a path or b bucket in an S3 URL in lib/vnodes3.cpp; or 3 a long c...