42 matches found
EUVD-2017-18889
Malware in sbrugna...
EUVD-2019-2683
Malware in sbrugna...
EUVD-2018-4537
Malware in sbrugna...
CVE-2025-52357
FiberHome FD602GW-DX-R410 router (firmware V2.2.14) contains a reflected XSS in the ping diagnostic feature. Authenticated users can inject input in the ping form field, which is not properly sanitized, allowing arbitrary JavaScript execution in the router’s admin/web interface. Impacts include s...
CVE-2019-10969
Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution...
VulnCheck KEV: CVE-2022-44149
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required...
CVE-2024-41308
An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system...
CVE-2024-41308
An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system...
CVE-2024-41308
An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system...
CVE-2024-41308
An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system...
PT-2024-29353 · It Solutions · It Solutions Enjay Crm Os
Name of the Vulnerable Software and Affected Versions: IT Solutions Enjay CRM OS version 1.0 Description: The issue in the Ping feature allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system. Recommendations: For IT Solutions Enjay C...
CVE-2024-41308
The CVE-2024-41308 issue affects IT Solutions Enjay CRM OS v1.0 within the Ping feature. The root cause described across sources is that the Ping capability allows an attacker to escape the restricted terminal environment and obtain root-level privileges on the underlying system, resulting in a h...
Moxa EDR 810 Series Improper Input Validation (CVE-2019-10969)
Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution. This plugin only works with Tenable.ot. Please visit...
CVE-2022-44149
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required...
CVE-2022-44149
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required...
PT-2023-14431
Name of the Vulnerable Software and Affected Versions: Nexxt Amp300 ARN02304U8 version 42.103.1.5095 Nexxt Amp300 ARN02304U8 version 80.103.2.5045 Description: The web service on Nexxt Amp300 ARN02304U8 devices allows remote OS command execution by placing in the JSON host field to the "ping"...
ZOHO ManageEngine Network Configuration Manager Command Injection Vulnerability
ZOHO ManageEngine Network Configuration Manager is a multi-vendor network change, configuration and compliance management Nccm solution from ZOHO USA. A command injection vulnerability exists in ZOHO ManageEngine Network Configuration Manager, which stems from the product's Ping feature that does...
Zoho Corporation Zoho ManageEngine Network Configuration Manager 命令注入漏洞
ZOHO ManageEngine Network Configuration Manager is a multi-vendor network change, configuration and compliance management Nccm solution from ZOHO USA. A command injection vulnerability exists in ZOHO ManageEngine Network Configuration Manager, which stems from the product's Ping feature that does...
Victure WR1200 操作系统命令注入漏洞
The Victure WR1200 is a router. A security vulnerability exists in the Victure WR1200 1.0.3 and prior versions, which stems from a lack of command filtering and restriction in the device's web interface, resulting in a command injection vulnerability that could be exploited by an attacker to inje...
Moxa EDR-810 Remote Code Execution Vulnerability
The Moxa EDR-810 is a highly integrated industrial multi-port security router with firewall/NAT/VPN and managed Layer 2 switch functionality. A remote code execution vulnerability exists in the Moxa EDR-810 version 5.1 and earlier. The vulnerability stems from the fact that the product allows an...