The vulnerability of the ms.cgi (/swms/ms.cgi) script in the MRF Web Panel web application allows a attacker to execute arbitrary operating system commands.

The vulnerability of the ms.cgi /swms/ms.cgi script in the MRF Web Panel application exists due to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on behalf of the...

CVE-2016-10043

An issue was discovered in Radisys MRF Web Panel SWMS 9.0.1. The MSMMACRONAME POST parameter in /swms/ms.cgi was discovered to be vulnerable to OS command injection attacks. It is possible to use the pipe character | to inject arbitrary OS commands and retrieve the output in the application's...

Micro Focus Rumba stack buffer overflow vulnerability (CNVD-2016-04557)

Micro Focus Rumba is a terminal emulation solution using UI technology from Micro Focus UK. The solution supports users in accessing core applications from desktop, web and mobile devices. A stack buffer overflow vulnerability exists in the 'PlayMacro' function in the WdMacCtl.ocx file of Micro...