9810 matches found
Advantech R-SeeNet ping.php OS Command Injection Vulnerability
Advantech R-SeeNet is industrial monitoring software from Advantech, Taiwan, China. The software is based on the SNMP protocol for monitoring platforms, and is available for Linux and Windows platforms. An OS command injection vulnerability exists in Advantech R-SeeNet ping.php, which stems fro...
Exploit for OS Command Injection in Openbsd Openssh
CVE-2020-15778-Exploit: Exploit for CVE-2020-15778 OpenSSH v...
Adobe Illustrator < 25.3.0 Multiple Vulnerabilities (APSB21-42)
The version of Adobe Illustrator installed on the remote Windows host is prior to 25.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB21-42 advisory. - Adobe Illustrator version 25.2.3 and earlier is affected by a potential Command injection vulnerability when...
D-LINK DIR-3040 Libcli command injection vulnerability
Summary: A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions: D-LINK...
CVE-2021-24015
An improper neutralization of special elements used in an OS Command vulnerability in the administrative interface of FortiMail before 6.4.4 may allow an authenticated attacker to execute unauthorized commands via specifically crafted HTTP requests...
CVE-2021-24015
FortiMail before 6.4.4 exposes an OS command injection in its administrative interface. An authenticated attacker can craft specific HTTP requests to execute commands on the device (CWE-78). Impact is user-controlled command execution with high risk; no exploitation details are provided in the do...
CVE-2021-26106
An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments...
Command injection
An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments...
CVE-2021-26106
Fortinet FortiAP OS command injection (CVE-2021-26106) affects FortiAP console versions 6.4.1–6.4.5 and 6.2.4–6.2.5. The vulnerability is due to improper neutralization of special elements in an OS command, enabling an authenticated, local attacker to execute unauthorized commands by issuing the ...
Exploit for OS Command Injection in Apache Kylin
CVE-2020-1956 CVE-2020-1956 Apache Kylin...
CVE-2021-32531
OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
Command injection
OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated attackers to execute arbitrary commands via status parameter. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32531
The CVE-2021-32531 vulnerability affects QSAN XEVO (flash data management system). It stems from an input handling flaw in the Init function that allows OS command injection, enabling remote attackers to execute arbitrary commands without privileges. Impact is high (CVE-2021-32531, CVSS v3.1: 9.8...
CVE-2021-32530
CVE-2021-32530 describes an OS command injection in the QSAN XEVO product’s Array function, where the status parameter could be used by a remote, unauthenticated attacker to execute arbitrary commands. Reports from multiple sources (NVD entry and CNVD/CNNVD-style disclosures) confirm the vulnerab...
CVE-2021-20739
WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S, and WRH-300WH-S (all versions) allow an unauthenticated network-adjacent attacker to execute an arbitrary OS command via unspecified vectors...
Command injection
WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S, and WRH-300WH-S (all versions) allow an unauthenticated network-adjacent attacker to execute an arbitrary OS command via unspecified vectors...