7 matches found
CVE-2023-49260
An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminaltool.cgi" path. It can be used together with the vulnerability CVE-2023-49255...
EUVD-2023-53262
Malicious code in bioql PyPI...
CVE-2021-20133
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set the "message of the day" banner to any file on the system, allowing them to read all or some of the contents of tho...
Path traversal
An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminaltool.cgi" path. It can be used together with the vulnerability CVE-2023-49255...
CVE-2023-49260 Stored cross-site scripting vulnerability
An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminaltool.cgi" path. It can be used together with the vulnerability CVE-2023-49255...
CVE-2023-49260
CVE-2023-49260 is an XSS vulnerability where an attacker can inject script by manipulating the MOTD banner and directing users to the terminal_tool.cgi path; this can be exploited in conjunction with CVE-2023-49255. Red Hat’s entry for RH:CVE-2023-49260 corroborates the issue and mirrors the desc...
Solarwinds LEM 6.3.1 Management Shell Arbitrary File Read Vulnerability
The management shell on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 allows the end user to edit the MOTD banner displayed during SSH logon. The editor provided for this is nano. This editor has a keyboard mapped function which lets the user import a file from the local file...