9786 matches found
CVE-2017-2890
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request trigger this vulnerability...
CVE-2017-2866
An exploitable vulnerability exists in the /api/CONFIG/backup functionality of Circle with Disney. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2017-2890
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request trigger this vulnerability...
CVE-2017-2917
An exploitable vulnerability exists in the notifications functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2017-2890
The CVE-2017-2890 vulnerability affects Circle with Disney devices running firmware 2.0.1. The /api/CONFIG/restore endpoint is exploitable: the server builds a shell command using the user-supplied appid parameter without sanitization, leading to OS command injection when an authenticated user in...
CVE-2017-2866
CVE-2017-2866 (Circle with Disney) : Concrete details show an OS command injection in the backup API (/api/CONFIG/backup). The vulnerability arises when the attacker-controlled GET parameter appid is passed directly to system after assembling a shell command, allowing arbitrary command execution....
CVE-2017-2917
CVE-2017-2917 affects Circle with Disney devices (firmware 2.0.1). The vulnerability arises in the notifications subsystem during config restore: the backup’s configure.xml is copied to /mnt/shares/usr/bin/configure.xml and processed to enumerate entries under config/overall/activeNotifications....
MGASA-2017-0404 Updated git packages fix security vulnerability
The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately user input is used within some of those invocations, which can be a OS Command Injection vulnerability CVE-2017-14867...
pfSense 2.3.1_1 - Command Execution
Exploit Title: pfSense User Manager--Groups in the handling of the members parameter. This allows an authenticated WebGUI user with privileges for systemgroupmanager.php to execute commands in the context of the root user. 2. Proof of Concept 'ifconfig/usr/local/www/ifconfig.txt'...
Circle with Disney Backup API Command Injection Vulnerability
Summary An exploitable vulnerability exists in the /api/CONFIG/backup functionality of Circle with Disney. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request trigger this vulnerability. Tested Versions Circle with Disney Product URLs...
Command injection
An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests...
CVE-2017-7341
The CVE-2017-7341 entry describes an OS Command Injection in Fortinet FortiWLC (FortiWLC) file management AP script download webUI page. Affected software ranges from FortiWLC 6.1-2 to 8.3.2, with exploitation possible by an authenticated admin user via crafted HTTP requests to execute arbitrary ...
Netgear DGN1000 Setup.cgi Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear DGN1000 Setup.cgi Unauthenticated RCE', 'Description' = %q This module exploits an unauthenticated OS command execution vulneralbility in...
Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation Vulnerabilities
Exploit for hardware platform in category remote exploits Title: Infoblox NetMRI Administration Shell Escape and Privilege Escalation Advisory ID: KL-001-2017-017 Publication Date: 2017.10.24 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-017.txt 1. Vulnerability...
Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear DGN1000 Setup.cgi Unauthenticated RCE', 'Description' = %q This module exploits an unauthenticated OS command execution vulneralbility in...
GHSA-M6F7-46HW-GRCJ Creme Fraiche contains OS Command Injection
The setmetadata function in lib/cremefraiche.rb in the Creme Fraiche gem before 0.6.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the file name of an email attachment. NOTE: some of these details are obtained from third party information...
Creme Fraiche contains OS Command Injection
The setmetadata function in lib/cremefraiche.rb in the Creme Fraiche gem before 0.6.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the file name of an email attachment. NOTE: some of these details are obtained from third party information...
Infoblox NetMRI Administration Shell Escape and Privilege Escalation
Vulnerability Details Affected Vendor: Infoblox Affected Product: NetMRI Affected Version: 7.1.2 - 7.1.4 Platform: Embedded Linux CWE Classification: CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection', CWE-272: Least Privilege Violation Impact: Root...
Polycom Command Shell Authorization Bypass
The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prom...
Polycom Command Shell Authorization Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Polycom Command Shell Authorization Bypass', 'Alias' = 'polycomhdxauthbypass', 'Author' = 'Paul Haas ', module 'h00die ', submission/cleanup ,...