286 matches found
CVE-2018-18320
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote co...
PT-2018-14404 · Asuswrt Merlin · Merlin.Php
Name of the Vulnerable Software and Affected Versions: Merlin.PHP version 0.6.6 Description: An issue was discovered in the Merlin.PHP component for Asuswrt-Merlin devices, allowing an attacker to execute arbitrary commands due to a popen call in exec.php. The vendor notes that Merlin.PHP is...
CVE-2018-16744
An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used. Mitigation Make sure the notify option in /etc/mgetty+sendfax/mgetty.config does not...
Command injection
An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used...
DEBIAN-CVE-2018-16744
An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used...
tnftp (savefile) Arbitrary Command Execution Exploit
This Metasploit module exploits an arbitrary command execution vulnerability in tnftp's handling of the resolved output filename - called "savefile" in the source - from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the las...
tnftp - 'savefile' Arbitrary Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'tnftp "savefile" Arbitrary Command Execution', 'Description' = %q This module exploits an arbitrary command execution vulnerability in tnftp's...
tnftp "savefile" Arbitrary Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'tnftp "savefile" Arbitrary Command Execution', 'Description' = %q This module exploits an arbitrary command execution vulnerability in tnftp's...
tnftp "savefile" Arbitrary Command Execution
This module exploits an arbitrary command execution vulnerability in tnftp's handling of the resolved output filename - called "savefile" in the source - from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the last component...
Zyxel NBG6716 ozkerz component command injection vulnerability
The Zyxel NBG6716 is a wireless router product from Hopkin ZyXEL Technologies. ozkerz component is one of the components. A security vulnerability exists in the ozkerz component of the Zyxel NBG6716 V1.00AAKG.9C0 version, which originates from the program's direct use of beginIndex and endIndex i...
Command injection
Zyxel NBG6716 V1.00AAKG.9C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call...
CVE-2017-15226
Zyxel NBG6716 V1.00AAKG.9C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call...
CVE-2017-15226
Zyxel NBG6716 V1.00AAKG.9C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call...
CVE-2017-14119
In the EyesOfNetwork web interface aka eonweb 5.1-0, module\toolall\tools\snmpwalk.php does not properly restrict popen calls, which allows remote attackers to execute arbitrary commands via shell metacharacters in a parameter...
CVE-2017-14119
In the EyesOfNetwork web interface aka eonweb 5.1-0, module\toolall\tools\snmpwalk.php does not properly restrict popen calls, which allows remote attackers to execute arbitrary commands via shell metacharacters in a parameter...
CVE-2017-14119
In the EyesOfNetwork web interface aka eonweb 5.1-0, module\toolall\tools\snmpwalk.php does not properly restrict popen calls, which allows remote attackers to execute arbitrary commands via shell metacharacters in a parameter...
Updated squirrelmail packages fix security vulnerability
Squirrelmail version 1.4.22 and probably prior is vulnerable to a remote code execution vulnerability because it fails to sanitize a string before passing it to a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server CVE-2017-7692...
CVE-2017-7692
SquirrelMail 1.4.22 and other versions before 201704270200-SVN allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server. The problem is in the...
SquirrelMail -- post-authentication remote code execution
SquirrelMail developers report: SquirrelMail 1.4.22 and other versions before 201704270200-SVN allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote...
Command injection
sudonoexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the 1 system or 2 popen function...