57 matches found
CVE-2022-38156
A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband NB before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user...
Exploit for CVE-2025-55182
Research: All versions of CVE-2025-55182 exploit vulnerabiliti...
CVE-2025-58428
The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the web services handler. This vulnerability enables remote attackers with valid credentials to execute system-level commands on the underlying Linux system. This could allow the attacker to achieve remote...
EUVD-2019-6305
Malware in sbrugna...
EUVD-2015-6277
Malware in sbrugna...
filebrowser Allows Shell Commands to Spawn Other Commands
Summary The Command Execution feature of File Browser only allows the execution of shell command which have been predefined on a user-specific allowlist. Many tools allow the execution of arbitrary different commands, rendering this limitation void. Impact The concrete impact depends on the...
GHSA-3Q2W-42MV-CPH4 filebrowser Allows Shell Commands to Spawn Other Commands
Summary The Command Execution feature of File Browser only allows the execution of shell command which have been predefined on a user-specific allowlist. Many tools allow the execution of arbitrary different commands, rendering this limitation void. Impact The concrete impact depends on the...
CVE-2019-15298
A problem was found in Centreon Web through 19.04.3. An authenticated command injection is present in the page include/configuration/configObject/traps-mibs/formMibs.php. This page is called from the Centreon administration interface. This is the mibs management feature that contains a file filin...
About Authentication Bypass – PAN-OS (CVE-2025-0108) vulnerability
About Authentication Bypass - PAN-OS CVE-2025-0108 vulnerability. PAN-OS is the operating system used in all Palo Alto Network NGFWs. This vulnerability allows an unauthenticated attacker to gain access to the PAN-OS management web interface. The attacker can then "invoke certain PHP scripts",...
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
Command injection
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device...
Kratos NGC Indoor Unit 操作系统命令注入漏洞
Kratos Defense The Kratos NGC Indoor Unit is an advanced antenna control system from Kratos Defense. A security vulnerability in the Kratos NGC Indoor Unit IDU version 9.1.0.4 can be exploited by an attacker to execute arbitrary Linux commands as root by sending a crafted TCP request to the devic...
CVE-2022-38156
A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband NB before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user...
Command injection
A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband NB before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user...
CVE-2022-38156
A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband NB before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user...
CVE-2022-38156
A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband NB before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user...
CVE-2022-36158
Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page /usr/www/ja/mntcmd.cgi...