Lucene search
K

1033 matches found

Packet Storm
Packet Storm
added 2017/10/25 12:0 a.m.42 views

Netgear DGN1000 Setup.cgi Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear DGN1000 Setup.cgi Unauthenticated RCE', 'Description' = %q This module exploits an unauthenticated OS command execution vulneralbility in...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2017/10/25 12:0 a.m.145 views

Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear DGN1000 Setup.cgi Unauthenticated RCE', 'Description' = %q This module exploits an unauthenticated OS command execution vulneralbility in...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2017/10/19 1:37 a.m.34 views

Netgear DGN1000 Setup.cgi Unauthenticated RCE

This module exploits an unauthenticated OS command execution vulneralbility in the setup.cgi file in Netgear DGN1000 firmware versions up to 1.1.00.48, and DGN2000v1 models. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5AI score
Exploits0
Cvelist
Cvelist
added 2017/09/15 5:0 p.m.20 views

CVE-2017-10813

CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors...

7AI score0.00655EPSS
Exploits0References2
CVE
CVE
added 2017/09/15 5:0 p.m.55 views

CVE-2017-10813

CVE-2017-10813 affects Corega CG-WLR300NM firmware 1.90 and earlier. The vulnerability is an OS command injection (OS Command Injection, CWE-78) that can be exploited via an attack vector available to users who can access the device’s administrative console, allowing arbitrary OS commands to be e...

7.7CVSS6.9AI score0.00655EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/09/04 11:0 p.m.34 views

CVE-2017-14135

enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI...

10AI score0.21842EPSS
Exploits1References1
Prion
Prion
added 2017/08/18 1:29 p.m.13 views

Design/Logic Flaw

Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands via unspecified vectors...

7.7CVSS7AI score0.00732EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/18 1:0 p.m.53 views

CVE-2017-10811

The CVE-2017-10811 entry affects Buffalo WCR-1166DS devices. Firmware versions 1.30 and earlier are vulnerable to an OS command injection (CWE-78) when an attacker with access to the device’s administrative console can trigger arbitrary OS commands. Root cause is an OS command injection flaw. Imp...

7.7CVSS6.9AI score0.00732EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/02 4:0 p.m.42 views

CVE-2017-2281

The CVE-2017-2281 entry affects the I-O DATA WN-AX1167GR wireless router. Firmware version 3.00 and earlier contains an OS command injection vulnerability that could allow an attacker with network access to execute arbitrary OS commands on the device via unspecified vectors. Affected product/vari...

8.8CVSS8.8AI score0.00837EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/02 4:0 p.m.18 views

CVE-2017-2281

WN-AX1167GR firmware version 3.00 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors...

9AI score0.00837EPSS
Exploits0References2
NVD
NVD
added 2017/07/22 12:29 a.m.17 views

CVE-2017-2275

WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors...

9CVSS7.3AI score0.01632EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/07/22 12:0 a.m.25 views

CVE-2017-2275

WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors...

7.3AI score0.01632EPSS
Exploits0References2
CVE
CVE
added 2017/07/07 1:0 p.m.55 views

CVE-2017-2237

The CVE-2017-2237 issue affects Toshiba Home gateway models HEM-GW16A and HEM-GW26A with firmware

10CVSS9.6AI score0.01979EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/07/07 1:0 p.m.19 views

CVE-2017-2185

HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI...

9AI score0.00909EPSS
Exploits0References3
CVE
CVE
added 2017/07/07 1:0 p.m.46 views

CVE-2017-2185

CVE-2017-2185 affects HOME SPOT CUBE2 firmware v101 and earlier. The vulnerability is an OS command injection in the WebUI that allows an authenticated attacker to execute arbitrary OS commands. Root cause: improper handling of commands in the WebUI, enabling arbitrary command execution when mana...

8.8CVSS8.9AI score0.00909EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/06/09 4:0 p.m.42 views

CVE-2016-7819

CVE-2016-7819 affects I-O DATA TS-WRLP/TS-WRLA devices running firmware 1.01.02 or earlier. An attacker with administrator rights can execute arbitrary OS commands via unspecified vectors, with impact on confidentiality, integrity, and availability. The issue is mitigated by applying the vendor-p...

9CVSS7.1AI score0.02199EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/05/04 10:29 p.m.21 views

Command injection

Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. It will lead to arbitrary OS command execution with a URL substring of sourcetree://cloneRepo/ext:: or sourcetree://checkoutRef/ext:: followed by the command. The Atlassian ID...

10CVSS9.8AI score0.08262EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/05/04 10:0 p.m.32 views

CVE-2017-8768

Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. It will lead to arbitrary OS command execution with a URL substring of sourcetree://cloneRepo/ext:: or sourcetree://checkoutRef/ext:: followed by the command. The Atlassian ID...

9.8AI score0.08262EPSS
Exploits0References4
Prion
Prion
added 2017/04/28 4:59 p.m.9 views

Design/Logic Flaw

WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS commands via unspecified vectors...

5.2CVSS6.8AI score0.00567EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/04/28 4:0 p.m.48 views

CVE-2017-2128

The CVE-2017-2128 entry relates to the IPA’s Security guide for website operators, where loading specially crafted saved data can cause arbitrary OS command execution (CWE-78). Root cause is an issue in loading saved data that enables command execution; the affected component is the Security guid...

8.8CVSS9AI score0.01596EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder