Command Execution Vulnerability in BHW L7 Cloud Route Wireless Operations Edition (CNVD-2021-41531)

BHW L7 Cloud Road Wireless Operations Edition is a dedicated network device uniquely designed for commercial wireless managers in hotels, resorts, shopping malls and stations. The device is equipped with multiple functions such as routing, firewall, flow control, wireless AC controller, and WeCha...

Command Execution Vulnerability in EyouCms (CNVD-2021-41520)

EyouCms is based on the TP5.0 framework for the core development of free open source enterprise content management system, focusing on enterprise station user needs, providing a large number of templates in various industries, reducing the construction of small and medium-sized enterprises, netwo...

Command Execution Vulnerability in Ruijie Networks EG Easy Gateway

Ruijie Networks is a specialized network vendor with a full range of network equipment product lines and solutions, including switches, routers, software, security firewalls, wireless products, storage, and more. A command execution vulnerability exists in Ruijie Networks EG Easy Gateway, which c...

Command Execution Vulnerability in NS-NGFW of Next Generation Firewall of Beijing Netcom Technology Company Limited (CNVD-2021-40218)

Next Generation Firewall NS-NGFW is a high-performance application layer firewall launched by Netcom Technology that can comprehensively deal with network threats. A command execution vulnerability exists in NS-NGFW, which can be exploited by an attacker to gain server control privileges...

Command Execution Vulnerability in SecGate 3600

NetShen Information Technology Beijing Co., Ltd. was founded on February 08, 2006, and its business scope includes technology development, technology consulting, technology transfer, technology service; economic and trade consulting; investment consulting, etc. A command execution vulnerability...

Command Execution Vulnerability in H2 Console at Hangzhou Hikvision Digital Technology Co.

Hangzhou Hikvision Digital Technology Co., Ltd. is a video-centered Internet of Things solution provider, offering integrated security, smart business and big data services. A command execution vulnerability exists in the H2 console of Hangzhou Hikvision Digital Technology Co. Ltd, which can be...

CVE-2021-32614

A flaw was found in dmg2img through 20170502. fillmishblk does not check the length of the read buffer, and copy 0xCC bytes from it. The length of the buffer is controlled by an attacker. By providing a length smaller than 0xCC, memcpy reaches out of the malloc'ed bound. This possibly leads to...

Command execution vulnerability exists in Yii2 (CNVD-2021-40140)

Yii2 is a component-based PHP framework for rapid development of modern web applications. Yii2 suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...

Command Execution Vulnerability in PatrolFlow Multiservice Security Gateway Intelligent Management Platform

PatrolFlow is a multi-service security gateway intelligent management platform of Beijing Byzoro Network Technology Co. A command execution vulnerability exists in PatrolFlow Multi-service Security Gateway Intelligent Management Platform, which can be exploited by an attacker to gain control of t...

ESPCMS suffers from a command execution vulnerability (CNVD-2021-39839)

ESPCMS is an enterprise building management system based on PHP+MYSQL. A command execution vulnerability exists in ESPCMS, which can be exploited by attackers to gain control of the server...

Command Execution Vulnerability in Tianrongxin Access Gateway System (CNVD-2021-39841)

Skyrise Technology Group is a provider of network security, big data and cloud services. A command execution vulnerability exists in the Tianrongxin Access Gateway system, which can be exploited by an attacker to gain control of a server...

OPENSUSE-SU-2021:0788-1 Security update for mpv

This update for mpv fixes the following issues: - CVE-2021-30145: Fixed format string vulnerability allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file boo1186230...

Command execution vulnerability in nginxWebUI

nginxWebUI is an open source tool for the web. A command execution vulnerability exists in nginxWebUI. An attacker can exploit the vulnerability to execute arbitrary system commands...

Command Execution Vulnerability in CareyShop

CareyShop referred to as CS is an open source mall framework based on ThinkPHP framework development system. A command execution vulnerability exists in CareyShop. An attacker can exploit this vulnerability to gain control of the web server...

Command Execution Vulnerability in China Mobile's Third-Party IPTV Management System

China Mobile is a GSM-based mobile communications operator, and is one of the "Big Three" telecom operators along with China Unicom and China Telecom. A command execution vulnerability exists in the third-party IPTV management system of China Mobile, which can be exploited by attackers to gain...

Command Execution Vulnerability in Amami Digital Hotel's Broadband Operations System

Ammed Century Beijing Technology Co., Ltd. is a digital service solution provider and digital content operation service provider for star-rated hotels. A command execution vulnerability exists in Ammed's digital hotel broadband operation system. An attacker can exploit this vulnerability to gain...

Command Execution Vulnerability in TopIDP, an Intrusion Prevention System of Tianrongxin

TopIDP, the intrusion prevention system of TIANRONGXIN, is a network security protection product that defends against all kinds of attack threats in the network and protects customers' network IT service resources in real time. There is a command execution vulnerability in TopIDP. An attacker can...

Command Execution Vulnerability in H3C Intelligent Management Center

H3C Intelligent Management Center hereinafter referred to as H3C iMC is a business intelligence management platform. A command execution vulnerability exists in H3C Intelligent Management Center. An attacker can exploit the vulnerability to cause remote command execution by constructing a special...

Extreme CMS suffers from a code execution vulnerability (CNVD-2021-39004)

Extreme CMS is developed by Langfang Extreme Networks Technology Co., Ltd. using php an open source web content management system. Extreme CMS has a code execution vulnerability that can be exploited by attackers to execute arbitrary code...

Command execution vulnerability in YCCMS (CNVD-2021-37966)

YCCMS is a PHP version of a lightweight CMS builder. YCCMS has a command execution vulnerability that can be exploited by attackers to gain control of the server...