CVE-2025-34335 AudioCodes Fax/IVR Appliance <= 2.6.23 Authenticated Command Injection via ActivateLicense.php

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an authenticated command injection vulnerability in the license activation workflow handled by AudioCodesfiles/ActivateLicense.php. When a license file is uploaded, the application derives a new...

CVE-2024-6269

A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects the function getip.addrdetails of the file /view/vpn/autovpn/sxhvpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument indevice leads to command injection. T...

The vulnerability of the “scripts/license.pl” script in the Veritas NetBackup Appliance backup solution allows a perpetrator to execute arbitrary commands.

The vulnerability of the “scripts/license.pl” script in the Veritas NetBackup Appliance backup solution is related to the lack of measures taken at the control level to clean data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using the “hostName” parameter ...