Lucene search
K

74 matches found

packetstorm
packetstorm
added 2020/03/25 12:0 a.m.175 views

HP ThinPro 6.x / 7.x Privilege Escalation

HP ThinPro - Privilege escalation =============================================================================== Identifiers ------------------------------------------------- CVE-2019-16287 CVSSv3 score ------------------------------------------------- 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N...

7.2CVSS0.4AI score0.0068EPSS
Exploits1
packetstorm
packetstorm
added 2020/03/25 12:0 a.m.223 views

HP ThinPro 6.x / 7.x Privileged Command Injection

HP ThinPro - Privileged command injection =============================================================================== Identifiers ------------------------------------------------- CVE-2019-18910 CVSSv3 score ------------------------------------------------- 7.6...

4.6CVSS0.9AI score0.00672EPSS
Exploits3
cnvd
cnvd
added 2019/11/25 12:0 a.m.4 views

HP ThinPro Linux Elevation of Privilege Vulnerability

HP ThinPro Linux is an operating system for HP thin clients from Hewlett-Packard HP in the United States. A security vulnerability exists in HP ThinPro Linux. An attacker could exploit the vulnerability to obtain elevated privileges, create files on the local file system, and then execute command...

7.2CVSS6.9AI score0.0068EPSS
Exploits1References1
cnvd
cnvd
added 2019/11/25 12:0 a.m.3 views

HP ThinPro Linux Information Disclosure Vulnerability

HP ThinPro Linux is an operating system for HP thin clients from Hewlett-Packard HP in the United States. A security vulnerability exists in HP ThinPro Linux. An attacker could exploit the vulnerability to transfer sensitive information to a local drive...

4.6CVSS6.3AI score0.00996EPSS
Exploits1References1
nvd
nvd
added 2019/11/22 10:15 p.m.20 views

CVE-2019-16287

In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed command...

7.2CVSS6.7AI score0.0068EPSS
Exploits1References3
osv
osv
added 2019/11/22 10:15 p.m.3 views

CVE-2019-18909

The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...

8CVSS5.8AI score0.02181EPSS
Exploits3References3
osv
osv
added 2019/11/22 10:15 p.m.2 views

CVE-2019-16287

In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed command...

6.8CVSS6.7AI score0.0068EPSS
Exploits1References3
nvd
nvd
added 2019/11/22 10:15 p.m.30 views

CVE-2019-18909

The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...

8CVSS8AI score0.02181EPSS
Exploits3References3
prion
prion
added 2019/11/22 10:15 p.m.20 views

Input validation

The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...

7.7CVSS7.9AI score0.02181EPSS
Exploits3References3Affected Software1
prion
prion
added 2019/11/22 10:15 p.m.14 views

Design/Logic Flaw

In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed command...

7.2CVSS6.7AI score0.0068EPSS
Exploits1References3Affected Software1
cve
cve
added 2019/11/22 9:38 p.m.173 views

CVE-2019-18909

HP ThinPro VPN command-injection (CVE-2019-18909) arises from unsafe handling of user input, enabling potential command execution with root privileges. Affected HP ThinPro Linux versions include 6.2, 6.2.1, 7.0, and 7.1 (Citrix-related component in 6.x/7.x). The issue is documented across multipl...

8CVSS7.9AI score0.02181EPSS
Exploits3References3Affected Software1
cvelist
cvelist
added 2019/11/22 9:38 p.m.32 views

CVE-2019-18909

The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...

8AI score0.02181EPSS
Exploits3References3
cvelist
cvelist
added 2019/11/22 9:30 p.m.22 views

CVE-2019-16287

In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed command...

6.7AI score0.0068EPSS
Exploits1References3
cve
cve
added 2019/11/22 9:30 p.m.132 views

CVE-2019-16287

CVE-2019-16287 affects HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, where an application filter bypass can allow an attacker to create a local file and enter Administrative Mode, enabling elevated commands. The issue is addressed by HP with multiple patches: HP Firefox 60.9.0esr for ThinPro 6.2–7.1 ...

7.2CVSS6.6AI score0.0068EPSS
Exploits1References3Affected Software1
symantec
symantec
added 2019/11/20 12:0 a.m.19 views

HP ThinPro Linux Multiple Security Vulnerabilities

Description HP ThinPro Linux is prone to multiple security vulnerabilities. A local attacker can exploit these issues to obtain sensitive information,execute arbitrary code and gain elevated privileges. This may aid in further attacks. Technologies Affected HP ThinPro Linux x86 6.2 HP ThinPro Lin...

1.5AI score
Exploits0References1
hp
hp
added 2019/11/20 12:0 a.m.47 views

HPSBHF03642 rev. 2 - HP ThinPro Linux Information Disclosure and Privilege Escalation

Potential Security Impact Information Disclosure, Privilege Escalation, and Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported by: Eldar Marcussen - xen1thLabs - Software Labs PSR-2019-0173, CVE-2019-16285, CVE-2019-16286, CVE-2019-16287, CVE-2019-18909,...

7.6CVSS2.3AI score0.02181EPSS
Exploits9
prion
prion
added 2018/01/23 4:29 p.m.17 views

Design/Logic Flaw

A potential security vulnerability has been identified with the command line shell of the HP ThinPro operating system 6.1, 5.2.1, 5.2, 5.1, 5.0, and 4.4. The vulnerability could result in a local unauthorized elevation of privilege on an HP thin client device...

7.2CVSS7.6AI score0.0051EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2018/01/23 4:29 p.m.19 views

CVE-2017-2740

A potential security vulnerability has been identified with the command line shell of the HP ThinPro operating system 6.1, 5.2.1, 5.2, 5.1, 5.0, and 4.4. The vulnerability could result in a local unauthorized elevation of privilege on an HP thin client device...

7.8CVSS7.7AI score0.0051EPSS
Exploits0References1
cve
cve
added 2018/01/23 4:0 p.m.45 views

CVE-2017-2740

CVE-2017-2740 affects the HP ThinPro operating system command line shell across multiple releases (4.4, 5.0, 5.1, 5.2, 5.2.1, 6.1). The vulnerability could enable local unauthorized elevation of privilege on HP thin client devices. HP and related records describe a privilege escalation via the Th...

7.8CVSS7.6AI score0.0051EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2018/01/23 4:0 p.m.19 views

CVE-2017-2740

A potential security vulnerability has been identified with the command line shell of the HP ThinPro operating system 6.1, 5.2.1, 5.2, 5.1, 5.0, and 4.4. The vulnerability could result in a local unauthorized elevation of privilege on an HP thin client device...

7.7AI score0.0051EPSS
Exploits0References1
Rows per page
Query Builder