CVE-2023-1671

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code...

PT-2023-3171 · Zyxel · Zyxel Nas326 +2

Name of the Vulnerable Software and Affected Versions: Zyxel NAS326 versions prior to V5.21AAZF.14C0 Zyxel NAS540 versions prior to V5.21AATB.11C0 Zyxel NAS542 versions prior to V5.21ABAG.11C0 Description: The pre-authentication command injection issue in Zyxel NAS devices could allow an...

Sophos Web Appliance 4.3.10.4 - Pre-auth command injection

!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...

CVE-2018-11106

NETGEAR has released fixes for a pre-authentication command injection in requesthandler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to...

Immunity Canvas: BRIGHTMAIL_RESTORE

Name| brightmailrestore ---|--- CVE| CVE-2017-6327 Exploit Pack| CANVAS Description| Symantec Brightmail Pre-Auth Command Injection Notes| CVE Name: CVE-2017-6327 VENDOR: http://symantec.com Notes: Tested on: Symantec Messaging Gateway 10.6.3 Appliance SPECIAL: on SMG versions = 10.6.3, our...

BoZoN 2.4 - Remote Code Execution

Credits / Discovery: John Page + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/BOZON-PRE-AUTH-COMMAND-EXECUTION.txt + ISR: ApparitionSec + Vendor: ============ bozon.pw/en/ Product: =========== BoZoN 2.4 Bozon is a simple file-sharing app. Easy to...