9786 matches found
polycom-web-management-interface-os-command-injection
No description provided by source...
NUUO 3.0.8 OS Command Injection
i? NUUO Multiple OS Command Injection Vulnerabilities Vendor: NUUO Inc. Product web page: http://www.nuuo.com Affected version: =3.0.8 NE-4160, NT-4040, NT-4040R DP: =04.07.0000.0030, =04.03.0000.0035 FW: =02.02.00, =1.7.0 Summary: NUUO NVRmini 2 is the lightweight, portable NVR solution with NAS...
NUUO NVRmini 2 3.0.8 - Multiple OS Command Injections
NUUO NVRmini 2 3.0.8 - Multiple OS Command Injections NUUO Multiple OS Command Injection Vulnerabilities Vendor: NUUO Inc. Product web page: http://www.nuuo.com Affected version: =3.0.8 NE-4160, NT-4040, NT-4040R DP: =04.07.0000.0030, =04.03.0000.0035 FW: =02.02.00, =1.7.0 Summary: NUUO NVRmini 2...
NUUO Multiple OS Command Injection Vulnerabilities
Summary NUUO NVRmini 2 is the lightweight, portable NVR solution with NAS functionality. Setup is simple and easy, with automatic port forwarding settings built in. NVRmini 2 supports POS integration, making this the perfect solution for small retail chain stores. NVRmini 2 also comes full equipp...
NASdeluxe NDL-2400r 2.01.09 - OS Command Injection
NASdeluxe NDL-2400r 2.01.09 - OS Command Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2016-065 Product: NASdeluxe NDL-2400r Vendor: Starline Computer GmbH Affected Versions: 2.01.10 Tested Versions: 2.01.09 Vulnerability Type: OS Command Injection CWE-78 Risk Level:...
NASdeluxe NDL-2400r 2.01.09 - OS Command Injection
Exploit for hardware platform in category web applications Product: NASdeluxe NDL-2400r Vendor: Starline Computer GmbH Affected Versions: 2.01.10 Tested Versions: 2.01.09 Vulnerability Type: OS Command Injection CWE-78 Risk Level: High Solution Status: no fix product has reached EOL since 3 years...
NASdeluxe NDL-2400r 2.01.09 - OS Command Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2016-065 Product: NASdeluxe NDL-2400r Vendor: Starline Computer GmbH Affected Versions: 2.01.10 Tested Versions: 2.01.09 Vulnerability Type: OS Command Injection CWE-78 Risk Level: High Solution Status: no fix product has reached E...
Polycom Command Shell Authorization Bypass
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Polycom Command Shell Authorization Bypass', 'Alias' = 'pshauthbypass', 'Author' = 'Paul Haas ', module 'h00die ',...
Crestron AirMedia AM-100 contains multiple vulnerabilities
Overview The Crestron AirMedia AM-100 with firmware prior to version 1.4.0.13 is vulnerable to path traversal and command injection. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2016-5639 A path traversal vulnerability exists in login.cgi...
Micro Focus Filr CSRF / XSS / Code Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Micro Focus former Novell Filr Appliance vulnerable version: Filr 2 =2.0.0.421, Filr 1.2 = 1.2.0.846 fixed version: Filr 2 v2.0.0.465,...
Micro Focus Filr 2 2.0.0.421, Filr 1.2 1.2.0.846 - Multiple Vulnerabilities
Exploit for php platform in category web applications title: Multiple vulnerabilities product: Micro Focus former Novell Filr Appliance vulnerable version: Filr 2 =2.0.0.421, Filr 1.2 = 1.2.0.846 fixed version: Filr 2 v2.0.0.465, Filr 1.2 v1.2.0.871 CVE number: CVE-2016-1607, CVE-2016-1608,...
Micro Focus (Novell) Filr 1.2 <= 1.2.0.846 / 2 <= 2.0.0.421 Multiple Vulnerabilities
Micro Focus Novell Filr is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:microfocus:filr"; i...
Micro Focus Filr 2 2.0.0.4211.2 1.2.0.846 - Multiple Vulnerabilities
Micro Focus Filr 2 2.0.0.4211.2 1.2.0.846 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Micro Focus former Novell Filr Appliance vulnerable version: Filr 2...
SugarCRM <= 6.5.18 Multiple Vulnerabilities
SugarCRM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sugarcrm:sugarcrm"; if description...
CVE-2016-1227
CVE-2016-1227 describes an OS command injection (CWE-78) in several Hikari Denwa routers. A logged-in attacker could execute arbitrary OS commands on affected devices: NTT EAST PR-400MI/RT-400MI/RV-440MI (firmware 07.00.1006 and earlier) and NTT WEST PR-400MI/RT-400MI/RV-440MI (firmware 07.00.100...
JVN#77403442: Multiple Hikari Denwa routers vulnerable to OS command injection
Multiple Hikari Denwa routers contain an OS command injection vulnerability CWE-78. Impact An arbitrary OS command may be executed on the product by a logged-in attacker. Solution Update the Firmware Apply the appropriate firmware update provided by the developer. Products Affected NIPPON TELEGRA...
Input validation
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID...
CVE-2016-1388
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882...
CVE-2015-4642
The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a call to the PHP system functio...
TP-Link SC2020n Authenticated Telnet Injection
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'TP-Link SC2020n Authenticated Telnet Injection', 'Description' = %q The TP-Link SC2020n Network Video Camera is vulnerable to O...