CVE-2026-7461

Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a...

GHSA-FC67-C4HG-Q653 Amazon ECS Container Agent (Windows) is vulnerable to Information Disclosure

Summary Amazon Elastic Container Service Amazon ECS is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. An issue exists where, under certain circumstances, improper input validation in the FSx Windows File Server volum...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the username field in the FSx Windows File Server volume mounting process. An attacker can execute arbitrary shell commands with SYSTEM privileges on the underlying host by supplying specially crafted input. This i...

CVE-2026-7461 OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials

Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a...

CVE-2026-7461

CVE-2026-7461 affects the FSx Windows File Server volume mounting component inside Amazon ECS Agent on Windows, prior to version 1.103.0. The root cause is improper neutralization of inputs used in an OS command, allowing a remote authenticated actor to run shell commands with SYSTEM privileges o...

CVE-2026-7461 OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials

Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a...

PT-2026-36165

Name of the Vulnerable Software and Affected Versions Amazon ECS Agent on Windows versions prior to 1.103.0 Description Improper neutralization of inputs used in an OS command within the FSx Windows File Server volume mounting component allows a remote authenticated threat actor to execute shell...

InsightCloudSec Supports 12 New AWS Services Announced at re:Invent

In case you didn’t hear, Amazon hosted AWS re:Invent in Las Vegas last week. As has come to be expected at the annual mega-event, Amazon made a number of huge announcements and launched a significant number of improvements and brand-new services and settings to enhance their public cloud platform...

CVE-2018-7259

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the networ...

Code injection

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the networ...

CVE-2018-7259

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the networ...

TweakFS 1.0 (FSX Edition) Stack buffer overflow

No description provided by source. Exploit Title : TweakFS 1.0 FSX Edition CVE : CVE-2010-1458 Corelan : http://www.corelan.be:8800/advisories.php?id=CORELAN-10-026 Date : April 7th, 2010 Author : corelanc0d3r Bug found by : TecR0c Software Link : http://tweakfs.com/ Version : 1.0 OS : Windows...

TweakFS Zip Utility for FSX filename buffer overflow

Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...

TweakFS Zip Utility for FSX filename buffer overflow

Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...

CVE-2010-1458

The CVE-2010-1458 issue affects TweakFS Zip Utility 1.0 for Flight Simulator X (FSX). A stack-based buffer overflow is triggered by a long filename within a ZIP archive, allowing an attacker to execute arbitrary code on the affected host. Public disclosures (Corelan advisory CORELAN-10-026) and m...

TweakFS 1.0 (FSX Edition) Stack buffer overflow

Exploit for windows platform in category local exploits =============================================== TweakFS 1.0 FSX Edition Stack buffer overflow =============================================== Exploit Title : TweakFS 1.0 FSX Edition CVE : CVE-2010-1458 Corelan :...