10 matches found
EUVD-2025-5062
Malicious code in bioql PyPI...
EUVD-2025-5063
Malicious code in bioql PyPI...
CVE-2024-8685
Path-Traversal vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to list device directories via the ‘/pictory/php/getFileList.php’ endpoint in the ‘dir’ parameter...
CVE-2024-8684
OS Command Injection vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to execute OS commands on the device via the ‘php/dal.php’ endpoint, in the ‘arrSaveConfig’ parameter...
CVE-2024-8684
OS Command Injection vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to execute OS commands on the device via the ‘php/dal.php’ endpoint, in the ‘arrSaveConfig’ parameter...
CVE-2024-8685
Path-Traversal vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to list device directories via the ‘/pictory/php/getFileList.php’ endpoint in the ‘dir’ parameter...
CVE-2024-8685 Path-Traversal vulnerability in Revolution Pi
Path-Traversal vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to list device directories via the ‘/pictory/php/getFileList.php’ endpoint in the ‘dir’ parameter...
CVE-2024-8685 Path-Traversal vulnerability in Revolution Pi
Path-Traversal vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to list device directories via the ‘/pictory/php/getFileList.php’ endpoint in the ‘dir’ parameter...
CVE-2024-8684 OS Command Injection vulnerability in Revolution Pi
OS Command Injection vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to execute OS commands on the device via the ‘php/dal.php’ endpoint, in the ‘arrSaveConfig’ parameter...
CVE-2024-8684
CVE-2024-8684 describes an OS command injection in Revolution Pi (KUNBUS GmbH) via the php/dal.php endpoint, in the arrSaveConfig parameter. The vulnerability affects Revolution Pi 2022-07-28-revpi-buster and can be exploited by an authenticated attacker to execute OS commands. Available connecte...