PT-2026-42385
Kopia: RCE via SSH ProxyCommand Injection in github.com/kopia/kopia...
Kopia: RCE via SSH ProxyCommand Injection
Summary: Kopia's HTTP server, when started with --without-password, accepts unauthenticated requests to /api/v1/repo/exists. The handler forwards an attacker-supplied storage configuration to blob.NewStorage. For SFTP backends with externalSSH: true, that path constructs a process command line by...
MiracleLinux 9 : libssh-0.10.4-13.el9 (AXSA:2024-7773:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7773:03 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname (CVE-2023-6004); libssh: Missing checks for return values fo...
EUVD-2017-3020
Malware in sbrugna...
CVE-2024-41783
IBM Sterling Secure Proxy is affected across versions 6.0.0.0–6.2.0.0 by an improper validation of a specified input type that could allow a privileged user to inject commands into the underlying OS. The vulnerability’s root cause is input validation failure, with a CVSS v3.1 base score of 9.1 (C...
CVE-2017-14081
Proxy command injection vulnerabilities in Trend Micro Mobile Security Enterprise versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations...
CVE-2017-14081
CVE-2017-14081 involves Trend Micro Mobile Security for Enterprise (pre-9.7 Patch 3) with a proxy command injection flaw in the modTMCSS Proxy functionality. A remote attacker can execute arbitrary code by manipulating parameters used to spawn system calls. ZDI advisories (ZDI-17-752, ZDI-17-774)...
CVE-2017-11392
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "T" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4745...
CVE-2017-11394
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG 12 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the T parameter within Proxy.php. Formerly ZDI-CAN-4544...
CVE-2017-11391
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "t" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4744...
Command injection
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG 12 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the T parameter within Proxy.php. Formerly ZDI-CAN-4544...
CVE-2017-11393
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG 12 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the tr parameter within Proxy.php. Formerly ZDI-CAN-4543...
CVE-2017-11392
CVE-2017-11392 describes a proxy command-injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance (IMSVA) 9.0 and 9.1. The flaw affects the modTMCSS Proxy component, where the vulnerability arises from parsing the "T" parameter, leading to remote arbitrary code execution on ...
CVE-2017-11393
Trend Micro OfficeScan is affected by a Proxy.php parameter parsing flaw that enables remote code execution via the tr parameter in the Web Console’s Proxy.php. Affected products include OfficeScan 11 and XG (12). The vulnerability allows code execution under the current service context; exploita...
CVE-2017-11391
CVE-2017-11391 describes a proxy command injection in Trend Micro InterScan Messaging Virtual Appliance (IMSVA) 9.0 and 9.1. The flaw arises from improper validation of parameters in the modTMCSS Proxy function, specifically when parsing the unsigned input in the t parameter, allowing a remote at...
CVE-2017-11394
CVE-2017-11394 describes a proxy.php parameter handling flaw in Trend Micro OfficeScan 11 and XG (12) that allows remote command execution via improper validation of HTTP parameters (Proxy.php). The vulnerability enables an attacker to execute arbitrary code on vulnerable installations. Public re...
Endian Firewall 3.0.0 - OS Command Injection (Python)
Endian Firewall 3.0.0 - OS Command Injection Python !/usr/bin/env python Endian Firewall Proxy User Password Change /cgi-bin/chpasswd.cgi OS Command Injection Exploit POC Reverse TCP Shell Ben Lincoln, 2015-06-28 http://www.beneaththewaves.net/ Requires knowledge of a valid proxy username and...