Lucene search
K

8 matches found

OSV
OSV
added 2021/04/23 6:15 a.m.32 views

CVE-2021-31607

In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff...

7.8CVSS7.8AI score
Exploits0References8
Prion
Prion
added 2021/04/23 6:15 a.m.26 views

Command injection

In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff...

4.6CVSS7.9AI score0.03808EPSS
Exploits1References8Affected Software2
AlpineLinux
AlpineLinux
added 2021/04/23 12:0 a.m.34 views

CVE-2021-31607

In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff...

7.8CVSS8.1AI score0.03808EPSS
Exploits1
Debian CVE
Debian CVE
added 2021/04/23 12:0 a.m.25 views

CVE-2021-31607

Removed by vendor...

7.8CVSS8.7AI score0.03808EPSS
Exploits1
Cvelist
Cvelist
added 2021/04/23 12:0 a.m.39 views

CVE-2021-31607

In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff...

8.2AI score0.03808EPSS
Exploits1References8
NVD
NVD
added 2021/03/11 5:15 p.m.10 views

CVE-2021-28144

prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely...

9CVSS0.06009EPSS
Exploits4References4
Prion
Prion
added 2021/03/11 5:15 p.m.20 views

Code injection

prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely...

9CVSS8.4AI score0.06009EPSS
Exploits4References4Affected Software1
Cvelist
Cvelist
added 2021/03/11 4:2 p.m.23 views

CVE-2021-28144

prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely...

8.7AI score0.06009EPSS
Exploits4References4
Rows per page
Query Builder