CVE-2023-43222

SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/adminping.php file...

CVE-2023-43222

SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/adminping.php file...

PT-2023-28735 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.8 Description: The issue is related to an arbitrary code writing vulnerability in the /jxz7g2/admin ping.php file. This vulnerability allows for unauthorized code execution. Recommendations: For SeaCMS version 12.8, consider...

Command injection

The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...

CVE-2023-38829

An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface...

CVE-2023-38829

An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface...

CVE-2023-38829

An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface...

CVE-2023-38829

This CVE affects NETIS SYSTEMS WF2409E v3.6.42541. The issue resides in the diagnostic tools component of the admin management interface, where the ping and traceroute functions can be abused by a remote attacker to execute arbitrary code. The Red Hat and CNNVD entries corroborate the same impact...

NETIS SYSTEMS WF2409E Command Injection Vulnerability

NETIS SYSTEMS WF2409E is a wireless router from NETIS SYSTEMS. A security vulnerability exists in the NETIS SYSTEMS WF2409E version v.3.6.42541 that originates from a vulnerability that allows an attacker to execute arbitrary code via the ping and traceroute functions in the management interface...

Oracle Linux 7 : mod_auth_openidc (ELSA-2019-2112)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-2112 advisory. - Resolves: rhbz1626297 - CVE-2017-6413 modauthopenidc: OIDCCLAIM and OIDCAuthNHeader not skipped in an 'AuthType oauth20' configuration rhel-7 Tenable...

GHSA-PPJG-V974-84CM Go-Ethereum vulnerable to denial of service via malicious p2p message

Impact A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. Details The p2p handler spawned a new goroutine to respond to ping requests. By flooding a node with ping requests, an unbounded number of goroutin...

PT-2023-27526 · Unknown · Go-Ethereum

Name of the Vulnerable Software and Affected Versions: go-ethereum geth versions prior to 1.12.1-stable Description: A vulnerable node can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. This occurs because the p2p handler...

CVE-2022-41763

An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service...

CVE-2022-41763

An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service...

CVE-2022-41763

An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service...

Remote code execution

An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service...

PT-2023-14032 · Nokia · Nokia Ams

Name of the Vulnerable Software and Affected Versions: NOKIA AMS version 9.7.05 Description: An issue exists in the debugger of the ipAddress variable, allowing Remote Code Execution. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the...

CVE-2022-41763

An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service...

Nokia Access Management System Code Injection Vulnerability

Nokia Access Management System is an access management system from Nokia, Finland. A security vulnerability exists in Nokia Access Management System version 9.7.05, which can be exploited to inject code into the PING function by a remote user who has been authenticated by the server...

Unable to ping backend server from NetScaler with SNIP as source IP address

SNIP, NSIP and backend server are in the same subnet. Unable to ping backend from NetScaler with SNIP as source IP address, can ping backend with NSIP as source IP address...