74 matches found
HP ThinPro 6.x / 7.x Privilege Escalation
HP ThinPro - Privilege escalation =============================================================================== Identifiers ------------------------------------------------- CVE-2019-16287 CVSSv3 score ------------------------------------------------- 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N...
HP ThinPro 6.x / 7.x Privileged Command Injection
HP ThinPro - Privileged command injection =============================================================================== Identifiers ------------------------------------------------- CVE-2019-18910 CVSSv3 score ------------------------------------------------- 7.6...
HP ThinPro Linux Elevation of Privilege Vulnerability
HP ThinPro Linux is an operating system for HP thin clients from Hewlett-Packard HP in the United States. A security vulnerability exists in HP ThinPro Linux. An attacker could exploit the vulnerability to obtain elevated privileges, create files on the local file system, and then execute command...
HP ThinPro Linux Information Disclosure Vulnerability
HP ThinPro Linux is an operating system for HP thin clients from Hewlett-Packard HP in the United States. A security vulnerability exists in HP ThinPro Linux. An attacker could exploit the vulnerability to transfer sensitive information to a local drive...
CVE-2019-16287
In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed command...
CVE-2019-18909
The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...
CVE-2019-16287
In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed command...
CVE-2019-18909
The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...
Input validation
The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...
Design/Logic Flaw
In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed command...
CVE-2019-18909
HP ThinPro VPN command-injection (CVE-2019-18909) arises from unsafe handling of user input, enabling potential command execution with root privileges. Affected HP ThinPro Linux versions include 6.2, 6.2.1, 7.0, and 7.1 (Citrix-related component in 6.x/7.x). The issue is documented across multipl...
CVE-2019-18909
The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...
CVE-2019-16287
In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed command...
CVE-2019-16287
CVE-2019-16287 affects HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, where an application filter bypass can allow an attacker to create a local file and enter Administrative Mode, enabling elevated commands. The issue is addressed by HP with multiple patches: HP Firefox 60.9.0esr for ThinPro 6.2–7.1 ...
HP ThinPro Linux Multiple Security Vulnerabilities
Description HP ThinPro Linux is prone to multiple security vulnerabilities. A local attacker can exploit these issues to obtain sensitive information,execute arbitrary code and gain elevated privileges. This may aid in further attacks. Technologies Affected HP ThinPro Linux x86 6.2 HP ThinPro Lin...
HPSBHF03642 rev. 2 - HP ThinPro Linux Information Disclosure and Privilege Escalation
Potential Security Impact Information Disclosure, Privilege Escalation, and Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported by: Eldar Marcussen - xen1thLabs - Software Labs PSR-2019-0173, CVE-2019-16285, CVE-2019-16286, CVE-2019-16287, CVE-2019-18909,...
Design/Logic Flaw
A potential security vulnerability has been identified with the command line shell of the HP ThinPro operating system 6.1, 5.2.1, 5.2, 5.1, 5.0, and 4.4. The vulnerability could result in a local unauthorized elevation of privilege on an HP thin client device...
CVE-2017-2740
A potential security vulnerability has been identified with the command line shell of the HP ThinPro operating system 6.1, 5.2.1, 5.2, 5.1, 5.0, and 4.4. The vulnerability could result in a local unauthorized elevation of privilege on an HP thin client device...
CVE-2017-2740
CVE-2017-2740 affects the HP ThinPro operating system command line shell across multiple releases (4.4, 5.0, 5.1, 5.2, 5.2.1, 6.1). The vulnerability could enable local unauthorized elevation of privilege on HP thin client devices. HP and related records describe a privilege escalation via the Th...
CVE-2017-2740
A potential security vulnerability has been identified with the command line shell of the HP ThinPro operating system 6.1, 5.2.1, 5.2, 5.1, 5.0, and 4.4. The vulnerability could result in a local unauthorized elevation of privilege on an HP thin client device...