28 matches found
EfficientLab Controlio Code Issue Vulnerability
EfficientLab Controlio is a management software developed by EfficientLab for monitoring employee behavior and analyzing work efficiency. Versions of EfficientLab Controlio prior to 1.3.95 contained code vulnerabilities. These vulnerabilities were caused by weak permissions in the installation...
CVE-2025-59106
CVE-2025-59106 concerns the binary that serves the web server for the dormakaba access manager Web UI, which runs with root privileges. The underlying issue is least-privilege violation due to the Web UI binary executing actions with highest privileges, enabling direct command execution at root i...
EUVD-2023-44758
Malicious code in bioql PyPI...
EUVD-2022-53562
Malicious code in bioql PyPI...
CVE-2025-3322
An improper neutralization of inputs used in expression language allows remote code execution with the highest privileges on the server...
CVE-2025-3322 Improper Neutralization of Special Elements in OnlineSuite
An improper neutralization of inputs used in expression language allows remote code execution with the highest privileges on the server...
CVE-2024-28812
An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service on the local management network interface with hardcoded credentials allows attackers to access the appliance operating system with highest privileges via an SSH connection...
CVE-2022-32203
There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. Vulnerability ID: HWPSIRT-2022-51773 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2022-32203...
CVE-2024-48459
A command execution vulnerability exists in the AX2 Pro home router produced by Shenzhen Tenda Technology Co., Ltd. Jixiang Tenda v.DI7003G-19.12.24A1V16.03.29.50;V16.03.29.50;V16.03.29.50. An attacker can exploit this vulnerability by constructing a malicious payload to execute commands and...
CVE-2024-48459
CVE-2024-48459 describes a command execution (OS command injection) vulnerability in the AX2 Pro home router from Shenzhen Tenda Technology (Jixiang Tenda), affecting DI_7003G-19.12.24A1V16.03.29.50;V16.03.29.50;V16.03.29.50. An attacker can craft a malicious payload to execute commands and obtai...
CVE-2023-40151
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...
Authentication flaw
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...
CVE-2023-40151 Red Lion Controls Sixnet RTU Exposed Dangerous Method Or Function
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...
PT-2022-3853 · Filewave · Filewave
Name of the Vulnerable Software and Affected Versions: FileWave versions prior to 14.6.3 FileWave versions 14.7.x prior to 14.7.2 Description: The issue is related to errors during the authentication procedure in the FileWave platform, which is a cross-platform solution for mobile device...
Huawei CV81-WDM FW Command Injection Vulnerability
The Huawei CV81-WDM FW is a laser multifunction printer from Huawei China. A command injection vulnerability exists in Huawei CV81-WDM FW 01.70.49.29.46. An attacker can use this vulnerability to gain elevated privileges to the printer...
PT-2022-3232 · Huawei · Huawei Terminal Printer
Name of the Vulnerable Software and Affected Versions: Huawei terminal printer product affected versions not specified Description: The issue is related to a command injection vulnerability in the Huawei terminal printer product. If successfully exploited, it could result in obtaining the highest...