JVN#26629618: Multiple vulnerabilities in Aterm W300P
Aterm W300P provided by NEC Corporation contains multiple vulnerabilities listed below.
OS Command Injection (CWE-78) - CVE-2018-0629, CVE-2018-0630, CVE-2018-0631

Version | Vector | Score
---|---|---
CVSS v3 | CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | Base Score: 6.8
CVSS v2 | ...

JVN#00401783: Multiple OS command injection vulnerabilities in Aterm WG1200HP
Aterm WG1200HP provided by NEC Corporation contains multiple OS command injection vulnerabilities (CWE-78). Impact: A user who can access the product with administrative privileges may execute an arbitrary OS command. Solution: Update the Firmware. Apply the latest firmware update according to the...
CVE-2018-9276
An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability both on the server and on devices by sending malformed parameters in sensor or...
CVE-2018-9276
CVE-2018-9276 affects Paessler PRTG Network Monitor (pre-18.2.39). An OS command injection can be triggered by an attacker who has administrative access to the PRTG System Administrator web console, via malformed parameters in sensor or notification management scenarios. This vulnerability could ...
CVE-2018-12465
CVE-2018-12465 describes an OS command injection in the web administration component of Micro Focus Secure Messaging Gateway (SMG). A remote attacker authenticated as a privileged user can run arbitrary OS commands on the SMG server. The CVE notes this can be leveraged with CVE-2018-12464 (SQL in...
CVE-2018-12465 Remote Code Execution in Micro Focus Secure Messaging Gateway
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway SMG allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve...
TP-Link TL-WR841N V13 Command Injection
Vulnerability: Authenticated Blind Command Injection; Affected Software: TP-Link TL-WR841N v13; Affected Version: 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n; Patched Version: None; Risk: High; Vendor Contacted: 05/20/2018; Vendor Fix: None; Public Disclosure: 06/27/2018. Overview: The ping and traceroute...
Design/Logic Flaw
baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors...
Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution Vulnerability
Exploit for linux platform in category remote exploits Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Vendor KB: https://support.emc.com/kb/521234 Github:...
Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution Vulnerability
Exploit for linux platform in category local exploits. Exploit Title: Dell EMC RecoverPoint &2 root@recoverpoint:/ id uid=0(root) gid=0(root) groups=0(root) root@recoverpoint:/ 0day.today 2018-06-22...
Dell EMC RecoverPoint 5.1.2 - Local Root Command Execution
Dell EMC RecoverPoint 5.1.2 - Local Root Command Execution Exploit Title: Dell EMC RecoverPoint &2 root@recoverpoint:/ id uid=0(root) gid=0(root) groups=0(root) root@recoverpoint:/...
Dell EMC RecoverPoint Remote Root
Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Date: 2018-06-21 Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Exploit Author: Paul Taylor Vendor Advisory: DSA-2018-095 Vendor KB: https://support.emc.com/kb/521234 Github:...
Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution
Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Date: 2018-06-21 Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Exploit Author: Paul Taylor Vendor Advisory: DSA-2018-095 Vendor KB: https://support.emc.com/kb/521234 Github:...
Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution
Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Date: 2018-06-21 Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Exploit Author: Paul Taylor Vendor Advisory: DSA-2018-095 Vendor KB...
Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution
Exploit Title: Dell EMC RecoverPoint &2 root@recoverpoint:/ id uid=0(root) gid=0(root) groups=0(root) root@recoverpoint:/...
Command injection
On D-Link DIR-620 devices with a certain ISP-customized variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the resbuf parameter to index.cgi...
CVE-2018-6211
On D-Link DIR-620 devices with a certain ISP-customized variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the resbuf parameter to index.cgi...