
9786 matches found

OSV
added 2017/10/19 10:29 p.m. | 17 views

CVE-2017-15646

Webmin before 1.860 has XSS with resultant remote code execution. Under the 'Others/File Manager' menu, there is a 'Download from remote URL' option to download a file from a remote server. After setting up a malicious server, one can wait for a file download request and then send an XSS payload...

6.1 CVSS | 7.6 AI score
Exploits: 0 | References: 4

Metasploit
added 2017/10/19 1:37 a.m. | 31 views

Netgear DGN1000 Setup.cgi Unauthenticated RCE

This module exploits an unauthenticated OS command execution vulnerability in the setup.cgi file in Netgear DGN1000 firmware versions up to 1.1.00.48, and DGN2000v1 models. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5 AI score
Exploits: 0

NVD
added 2017/10/13 5:29 p.m. | 20 views

CVE-2017-6224

Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10.0.0.x, ZD10.0.1.x less than 10.0.1.0.17 MR1 release and Ruckus Wireless Unleashed AP Firmware releases 200.0.x, 200.1.x, 200.2.x, 200.3.x, 200.4.x. contain OS Command Injection vulnerabilities that could allow local...

9.3 CVSS | 9 AI score | 0.01211 EPSS
Exploits: 0 | References: 1

Prion
added 2017/10/13 5:29 p.m. | 14 views

Command injection

Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 9.13.0.0.232 contain OS Command Injection vulnerabilities in the ping functionality that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating...

9.3 CVSS | 8.9 AI score | 0.0172 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2017/10/13 5:00 p.m. | 48 views

CVE-2017-6223

The CVE-2017-6223 entry concerns Ruckus Wireless ZoneDirector firmware. Affected versions are ZD9.9.x, ZD9.10.x, and ZD9.13.0.x prior to 9.13.0.0.232, where the ping functionality is vulnerable to OS command injection. This could allow a local authenticated user to execute arbitrary commands with...

9.3 CVSS | 8.8 AI score | 0.0172 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2017/10/13 5:00 p.m. | 55 views

CVE-2017-6224

CVE-2017-6224 affects Ruckus ZoneDirector firmware (ZD9.x, ZD10.0.0.x, ZD10.0.1.x before 10.0.1.0.17 MR1) and Ruckus Unleashed AP firmware (200.0.x–200.4.x). Local authenticated users can inject OS commands by placing them in the Certificate Generation Request Common Name field, leading to arbitr...

9.3 CVSS | 8.8 AI score | 0.01211 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2017/10/13 5:00 p.m. | 20 views

CVE-2017-6224

Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10.0.0.x, ZD10.0.1.x less than 10.0.1.0.17 MR1 release and Ruckus Wireless Unleashed AP Firmware releases 200.0.x, 200.1.x, 200.2.x, 200.3.x, 200.4.x. contain OS Command Injection vulnerabilities that could allow local...

9 AI score | 0.01211 EPSS
Exploits: 0 | References: 1

0day.today
added 2017/10/08 12:00 a.m. | 33 views

OrientDB 2.2.x Remote Code Execution Exploit

This Metasploit module leverages a privilege escalation on OrientDB to execute unsandboxed OS commands. All versions from 2.2.2 up to 2.2.22 should be vulnerable. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

7.6 AI score
Exploits: 0

OSV
added 2017/09/29 1:34 a.m. | 28 views

CVE-2017-14867

Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code i...

8.8 CVSS | 8.9 AI score
Exploits: 0 | References: 7

Cvelist
added 2017/09/28 2:00 p.m. | 29 views

CVE-2017-14867

Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code i...

8.9 AI score | 0.36003 EPSS
Exploits: 0 | References: 7

Packet Storm
added 2017/09/28 12:00 a.m. | 42 views

Git cvsserver Remote Command Execution

Phenoelit Advisory Authors joernchen Phenoelit Group http://www.phenoelit.de Affected Products Git before 2.14.2, 2.13.6, 2.12.5, 2.11.4 and 2.10.5 git-cvsserver https://git-scm.com Vendor communication 2017-09-08 Sent vulnerability details to the git-security list 2017-09-09 Acknowledgement of t...

7.4 AI score
Exploits: 0

Prion
added 2017/09/26 2:29 a.m. | 15 views

Command injection

An Improper Neutralization of Special Elements used in an OS Command issue was discovered in Digium Asterisk GUI 2.1.0 and prior. An OS command injection vulnerability has been identified that may allow the execution of arbitrary code on the system through the inclusion of OS commands in the URL...

9 CVSS | 9.2 AI score | 0.06447 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2017/09/26 2:29 a.m. | 24 views

CVE-2017-14001

An Improper Neutralization of Special Elements used in an OS Command issue was discovered in Digium Asterisk GUI 2.1.0 and prior. An OS command injection vulnerability has been identified that may allow the execution of arbitrary code on the system through the inclusion of OS commands in the URL...

9 CVSS | 9.2 AI score | 0.06447 EPSS
Exploits: 0 | References: 2

CVE
added 2017/09/26 2:00 a.m. | 61 views

CVE-2017-14001

CVE-2017-14001 affects Digium Asterisk GUI 2.1.0 and earlier. The vulnerability is an OS command injection due to improper neutralization of special elements in URL requests, enabling an authenticated attacker to execute arbitrary code on the device. According to ICS-CERT, this vulnerability is r...

9 CVSS | 9.1 AI score | 0.06447 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Packet Storm
added 2017/09/25 12:00 a.m. | 45 views

FLIR Systems FLIR Thermal Camera FC-S/PT Authenticated OS Command Injection

FLIR Systems FLIR Thermal Camera FC-S/PT Authenticated OS Command Injection Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA and 1.3.2 FC-Series S FC-334-NTSC PT-Series...

0.5 AI score
Exploits: 0

Exploit DB
added 2017/09/25 12:00 a.m. | 65 views

FLIR Thermal Camera FC-S/PT - Command Injection

FLIR Systems FLIR Thermal Camera FC-S/PT Authenticated OS Command Injection Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA and 1.3.2 FC-Series S FC-334-NTSC PT-Series...

7.4 AI score
Exploits: 0

ICS
added 2017/09/21 12:00 a.m. | 40 views

Digium Asterisk GUI

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Digium Equipment: Asterisk GUI Vulnerability: Improper Neutralization of Special Elements used in an OS Command AFFECTED PRODUCTS The following versions of Asterisk GUI, a framework for configuring graphical user...

9 CVSS | 9.1 AI score | 0.06447 EPSS
Exploits: 0 | References: 3

seebug.org
added 2017/09/20 12:00 a.m. | 52 views

Moxa AWK-3131A Web Application Cross-Site Request Forgery Vulnerability(CVE-2016-8718)

Summary An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an...

6.8 CVSS | 9.5 AI score | 0.00536 EPSS
Exploits: 2

CVE
added 2017/09/19 3:00 p.m. | 48 views

CVE-2015-3431

Pydio Core (formerly AjaXplorer)

10 CVSS | 10 AI score | 0.04111 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

seebug.org
added 2017/09/19 12:00 a.m. | 40 views

Moxa AWK-3131A Web Application Ping Command Injection Vulnerability(CVE-2016-8721)

Summary An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device...

9 CVSS | 9.7 AI score | 0.0328 EPSS
Exploits: 2