6 matches found
BADBOX 2.0 Found Preinstalled on Android IoT Devices Worldwide
BADBOX variant BADBOX 2.0 found preinstalled on Android IoT devices in 222 countries, turning them into proxy nodes used in fraud and large-scale malicious activity...
CVE-2020-12078
An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings internally called excludeip. This excludeip value is passed to the...
CVE-2020-12078
An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings internally called excludeip. This excludeip value is passed to the...
Design/Logic Flaw
An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings internally called excludeip. This excludeip value is passed to the...
CVE-2020-12078
CVE-2020-12078 - Open-AudIT 3.3.1 : A shell metacharacter injection flaw exists in the open-audit/configuration/ URI. The exclude_ip value from global discovery settings is passed to an unfiltered exec in discoveries_helper.php (inside all_ip_list), allowing a payload to execute commands. Connect...
CVE-2020-12078
An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings internally called excludeip. This excludeip value is passed to the...