20 matches found
EUVD-2022-39484
Malicious code in bioql PyPI...
EUVD-2024-41390
Malicious code in bioql PyPI...
EUVD-2024-41391
Malicious code in bioql PyPI...
CVE-2022-36784
Elsight – Elsight Halo Remote Code Execution RCE Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution...
CVE-2024-45252
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'...
CVE-2024-45251
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'...
CVE-2024-45252
CVE-2024-45252: Elsight Halo contains an OS command injection vulnerability. The connected CNNVD entry attributes the flaw to improper handling of special elements in OS commands, affecting Halo version 11.7.1.5. The CVE is linked to CWE-78; CVSS3.1 vector in the Initial document indicates high i...
CVE-2024-45252 Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'...
CVE-2024-45251 Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'...
CVE-2024-45251 Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'...
Elsight Halo 操作系统命令注入漏洞
Elsight Halo is Elsight's drone operations management. An operating system command injection vulnerability exists in Elsight Halo version 11.7.1.5 that stems from improper handling of special elements in operating system commands...
PT-2024-31509 · Elfsight · Elsight
Name of the Vulnerable Software and Affected Versions: Elsight affected versions not specified Description: The issue is related to improper neutralization of special elements used in an OS command, also known as OS Command Injection. This is classified as CWE-78. Recommendations: At the moment,...
Elsight Halo 安全漏洞
Elsight Halo is Elsight's drone operations management. A security vulnerability exists in Elsight Halo version 11.7.1.5 that stems from mishandling of special elements in operating system commands, resulting in OS command injection...
CVE-2022-36784
Elsight – Elsight Halo Remote Code Execution RCE Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution...
Remote code execution
Elsight – Elsight Halo Remote Code Execution RCE Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution...
CVE-2022-36784
CVE-2022-36784 affects Elsight Halo: the web panel’s POST endpoint /api/v1/nics/wifi/wlan0/ping can be abused via the DESTINATION parameter to achieve remote code execution . Multiple connected sources describe a network-exposed RCE with high impact (confidentiality, integrity, and availability a...
CVE-2022-36784 Elsight – Elsight Halo Remote Code Execution (RCE)
Elsight – Elsight Halo Remote Code Execution RCE Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution...
CVE-2022-36784 Elsight – Elsight Halo Remote Code Execution (RCE)
Elsight – Elsight Halo Remote Code Execution RCE Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution...
Elsight Halo 安全漏洞
Elsight Halo is the drone operations management of Elsight, Inc. Elsight Halo suffers from a security vulnerability that stems from the fact that accessing the /api/v1/nics/wifi/wlan0/ping page via a POST request can be used to remotely execute code using the DESTINATION parameter...
PT-2022-23623 · Elfsight · Elsight Halo
Name of the Vulnerable Software and Affected Versions: Elsight Halo affected versions not specified Description: The Elsight Halo web panel allows connection validation through a POST request to /api/v1/nics/wifi/wlan0/ping, which can be exploited by abusing the DESTINATION parameter to achieve...