CVE-2023-24046

An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility...

CVE-2023-24046

An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility...

Design/Logic Flaw

An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility...

CVE-2023-24046

CVE-2023-24046 affects Connectize AC21000 G6 (firmware 641.139.1.1256). The issue allows an attacker on an adjacent network to trigger the ping utility with a crafted string to execute arbitrary commands, per the description. Impact is high for confidentiality, integrity, and availability; exploi...

CVE-2023-24046

An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility...

Connectize G6 AC2100 Security Vulnerability

The Connectize G6 AC2100 is a wireless router from Connectize. A security vulnerability exists in the Connectize G6 AC2100 version 641.139.1.1256 that originates from allowing an attacker to run arbitrary commands by using specially crafted strings in the ping utility...

CVE-2023-24046

An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility...

Uptime Kuma Authenticated remote code execution via TailscalePing

Summary The runTailscalePing method of the TailscalePing class injects the hostname parameter inside a shell command, leading to a command injection and the possibility to run arbitrary commands on the server. Details When adding a new monitor on Uptime Kuma, we can select the "Tailscale Ping"...

CVE-2023-6304

A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...

CVE-2023-6304

A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...

Command injection

A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...

CVE-2023-6304

CVE-2023-6304 affects Tecno 4G Portable WiFi TR118 (TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830). The Ping Tool component’s /goform/goform_get_cmd_process exposes the url argument to OS command injection, allowing remote exploitation. Multiple sources indicate the vulnerability can be triggered...

CVE-2023-6304 Tecno 4G Portable WiFi TR118 Ping Tool goform_get_cmd_process os command injection

A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...

PT-2023-33027 · Unknown · Uptime Kuma

Name of the Vulnerable Software and Affected Versions: Uptime Kuma affected versions not specified Description: The issue concerns a command injection vulnerability in Uptime Kuma. Specifically, the runTailscalePing method of the TailscalePing class injects the hostname parameter inside a shell...

PT-2023-32604 · Tecno · Tecno 4G Portable Wifi Tr118

Name of the Vulnerable Software and Affected Versions: Tecno 4G Portable WiFi TR118 version TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830 Description: A critical issue has been identified, affecting the Ping Tool component, specifically the /goform/goform get cmd process file. The url argument is...

Rocky Linux 8 : container-tools:1.0 (RLSA-2019:4273)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:4273 advisory. - Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2...

CVE-2023-45163

The 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the input parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on...

CVE-2023-5789

A vulnerability classified as problematic has been found in Dragon Path 707GR1 up to 20231022. Affected is an unknown function of the component Ping Diagnostics. The manipulation of the argument Host Address with the input leads to cross site scripting. It is possible to launch the attack remotel...

Cross site scripting

A vulnerability classified as problematic has been found in Dragon Path 707GR1 up to 20231022. Affected is an unknown function of the component Ping Diagnostics. The manipulation of the argument Host Address with the input leads to cross site scripting. It is possible to launch the attack remotel...

CVE-2023-5789 Dragon Path 707GR1 Ping Diagnostics cross site scripting

A vulnerability classified as problematic has been found in Dragon Path 707GR1 up to 20231022. Affected is an unknown function of the component Ping Diagnostics. The manipulation of the argument Host Address with the input leads to cross site scripting. It is possible to launch the attack remotel...