CVE-2023-24046

An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility...

PT-2023-4340 · Adtran · Adtran Sr400Ac

Name of the Vulnerable Software and Affected Versions: Adtran SR400ac affected versions not specified Description: The issue is related to the lack of input validation in the SmartOS WiFi router ADTRAn SR400ac, allowing remote attackers to execute arbitrary code in the context of the root user. T...

Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ping command, whi...

PT-2023-22818 · Gipsy · Gipsy

Name of the Vulnerable Software and Affected Versions: Gipsy versions prior to 1.3 Description: Gipsy is a multi-purpose discord bot that aims to be modular and user-friendly. The !ping command, when provided with an IP or hostname, used to run a bash ping without verification that the IP or...

CVE-2022-1389

On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP fixed in 17.0.0, a cross-site request forgery CSRF vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This vulnerability allows an attacker to run a limited set of commands: ping,...

CVE-2021-46007

totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks...

Command injection

totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks...

CVE-2021-46007

totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks...

CVE-2021-46007

CVE-2021-46007 affects TotoLink A3100R, specifically version V5.9c.4577. The vulnerability is an operating system command injection in which an input field does not properly filter special symbols, allowing the backend to execute the ping command. Reported in multiple sources (NVD entry for CVE-2...

CVE-2018-17875

A remote code execution issue in the ping command on Poly Trio 8800 5.7.1.4145 devices allows remote authenticated users to execute commands via unspecified vectors...

CVE-2018-17875

A remote code execution issue in the ping command on Poly Trio 8800 5.7.1.4145 devices allows remote authenticated users to execute commands via unspecified vectors...

Remote code execution

A remote code execution issue in the ping command on Poly Trio 8800 5.7.1.4145 devices allows remote authenticated users to execute commands via unspecified vectors...

CVE-2018-17875

Poly Trio 8800 devices running 5.7.1.4145 are affected by CVE-2018-17875, a remote code execution vulnerability in the ping command that allows remote authenticated users to execute commands via unspecified vectors. Impact is high for unauthenticated? No, authenticated users per description; CVSS...

CVE-2018-17875

A remote code execution issue in the ping command on Poly Trio 8800 5.7.1.4145 devices allows remote authenticated users to execute commands via unspecified vectors...

OPENSUSE-SU-2021:1544-1 Security update for aaa_base

This update for aaabase fixes the following issues: - Allowed ping and ICMP commands without CAPNETRAW bsc1174504. - Add $HOME/.local/bin to PATH, if it exists bsc1192248. - Fixed getkernelversion.c to work also for recent kernels on the s390/X platform bsc1191563. - Support xz compressed kernel...

SUSE-SU-2021:3899-1 Security update for aaa_base

This update for aaabase fixes the following issues: - Allowed ping and ICMP commands without CAPNETRAW bsc1174504. - Add $HOME/.local/bin to PATH, if it exists bsc1192248. - Fixed getkernelversion.c to work also for recent kernels on the s390/X platform bsc1191563. - Support xz compressed kernel...

OPENSUSE-SU-2021:3899-1 Security update for aaa_base

This update for aaabase fixes the following issues: - Allowed ping and ICMP commands without CAPNETRAW bsc1174504. - Add $HOME/.local/bin to PATH, if it exists bsc1192248. - Fixed getkernelversion.c to work also for recent kernels on the s390/X platform bsc1191563. - Support xz compressed kernel...

CVE-2021-39474

Vulnerability in the product Docsis 3.0 UBC1319BA00 Router supported affected version 1319010201r009. The vulnerability allows an attacker with privileges and network access through the ping.cmd component to execute commands on the device...

Connect Box EuroDOCSIS 3.0 Voice Gateway 操作系统命令注入漏洞

The Connect Box EuroDOCSIS 3.0 Voice Gateway is a home voice gateway device. An operating system command injection vulnerability exists in Connect Box EuroDOCSIS 3.0 Voice Gateway that allows an attacker with privileges and network access to execute commands on the device via the ping.cmd compone...

CVE-2020-25565

In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients username: sapphire, password: ims and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server...