CVE-2019-25243 FaceSentry 6.4.8 Authenticated Remote Command Injection via Ping Test

FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort'...

CVE-2018-25143 Microhard Systems IPn4G 1.1.0 Backdoor Jailbreak via Microhard Sh Service

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root...

CVE-2018-25143 Microhard Systems IPn4G 1.1.0 Backdoor Jailbreak via Microhard Sh Service

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root...

UBUNTU-CVE-2023-53987

In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 "ping: convert to RCU lookups, get rid of rwlock", we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...

CVE-2023-53987

In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 "ping: convert to RCU lookups, get rid of rwlock", we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...

CVE-2023-53987 ping: Fix potentail NULL deref for /proc/net/icmp.

In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 "ping: convert to RCU lookups, get rid of rwlock", we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...

CVE-2023-53987

The CVE-2023-53987 issue affects the Linux kernel’s ping handling, where a potential NULL dereference in /proc/net/icmp could be triggered by an incorrect use of Read-Copy-Update (RCU) for ping sockets. The root cause, as stated in multiple sources, is using RCU lookups instead of a spinlock for ...

CVE-2023-53987 ping: Fix potentail NULL deref for /proc/net/icmp.

In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 "ping: convert to RCU lookups, get rid of rwlock", we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...

iWT FaceSentry Access Control System 安全漏洞

The iWT FaceSentry Access Control System is an iWT open source application. It provides an access control function. A security vulnerability exists in iWT FaceSentry Access Control System version 6.4.8, which stems from an authenticated remote command injection in the pingTest.php and...

PT-2025-53363

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root...

Microhard Systems IPn4G 安全漏洞

Microhard Systems IPn4G is a cellular wireless gateway from Microhard Canada. A security vulnerability exists in Microhard Systems IPn4G version 1.1.0 that originates from a restricted shell that can be escaped via a customized ping command, which could result in the execution of commands with ro...

PT-2025-52944

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to a potential NULL dereference within the /proc/net/icmp interface when using ping sockets. The issue arose after a commit dbca1596bbb0...

PT-2025-53329

Name of the Vulnerable Software and Affected Versions FaceSentry version 6.4.8 Description FaceSentry 6.4.8 has a remote command injection issue in the pingTest.php and tcpPortTest.php scripts. An attacker with authentication can inject and execute arbitrary shell commands with root privileges...

Malicious Package

Overview @aa-techops-ui/ping-authentication is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

MAL-2025-192745 Malicious code in @aa-techops-ui/ping-authentication (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d523ddbefc7a817d1b6a431d5f9d0aca24fecc12ef57ce37915df0a88af3f132 The package @aa-techops-ui/ping-authentication was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-204880

Malicious code in @aa-techops-ui/ping-authentication npm...

ROS-20251223-7312

A vulnerability in the ICMP Echo Reply packet of the ping utility is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ReGAIN: Retrieval-Grounded AI Framework for Network Traffic Analysis

Modern networks generate vast, heterogeneous traffic that must be continuously analyzed for security and performance. Traditional network traffic analysis systems, whether rule-based or machine learning-driven, often suffer from high false positives and lack interpretability, limiting analyst...

EulerOS Virtualization 2.13.1 : iputils (EulerOS-SA-2025-2545)

According to the versions of the iputils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ping in iputils before 20250602 allows a denial of service application error in adaptive ping mode or incorrect data collection via...

CVE-2025-14518

A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Request Handler. The manipulation of the argument targetIp/targetPort leads to...