10 matches found
CVE-2025-55125
This vulnerability allows a Backup or Tape Operator to perform remote code execution RCE as root by creating a malicious backup configuration file...
PT-2025-45120
Name of the Vulnerable Software and Affected Versions Snipe-IT versions prior to 8.3.3 Description An authenticated attacker can execute system commands by uploading a malicious backup file containing arbitrary files. The issue is a remote code execution that allows for arbitrary file uploads and...
EUVD-2025-11455
Malicious code in bioql PyPI...
CVE-2022-30075
In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote code execution due to improper validation...
CVE-2025-20178
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system. This vulnerability is due to insufficient integrity...
CVE-2025-20178
CVE-2025-20178 affects Cisco Secure Network Analytics (web-based management interface). An authenticated attacker with valid administrative credentials can restore a malicious backup file to the device, exploiting insufficient integrity checks in device backups to obtain shell access as root on t...
Cisco Secure Network Analytics Privilege Escalation Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system. This vulnerability is due to insufficient integrity...
CVE-2024-54525
A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Restoring a maliciously crafted backup file may lead to modification of protected system files...
CVE-2024-44252
A logic issue was addressed with improved file handling. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, tvOS 18.1, visionOS 2.1. Restoring a maliciously crafted backup file may lead to modification of protected system files...
CVE-2024-44258
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files...