22 matches found
CVE-2022-27905
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...
EUVD-2022-32393
Malicious code in bioql PyPI...
EUVD-2021-32627
Malicious code in bioql PyPI...
EUVD-2021-32628
Malicious code in bioql PyPI...
CVE-2021-45912
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...
CVE-2022-27905
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...
CVE-2022-27905
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...
Privilege escalation
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...
CVE-2022-27905
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...
CVE-2022-27905
CVE-2022-27905 affects ControlUp Real-Time Agent prior to version 8.6. The issue is an unquoted path that can lead to privilege escalation. A successful exploit requires write permissions to the root of the OS drive (C:). The available connected sources corroborate the same description across mul...
Controlup Real-Time Agent 代码问题漏洞
Controlup Real-Time Agent is a real-time agent from Controlup USA. A security vulnerability exists in Controlup Real-Time Agent prior to version 8.6, which stems from unquoted paths that may lead to elevation of privilege...
Controlup Real-Time Agent Command Injection Vulnerability
Controlup Real-Time Agent is a real-time agent from Controlup USA. The Controlup Real-Time Agent suffers from a command injection vulnerability that originates from an unauthenticated named pipe channel in the Controlup Real-Time Agent, which can be exploited by an attacker to run operating syste...
CVE-2021-45912
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...
CVE-2021-45912
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...
Command injection
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...
CVE-2021-45913
A hardcoded key in ControlUp Real-Time Agent cuAgent.exe before 8.2.5 may allow a potential attacker to run OS commands via a WCF channel...
CVE-2021-45913
A hardcoded key in ControlUp Real-Time Agent cuAgent.exe before 8.2.5 may allow a potential attacker to run OS commands via a WCF channel...
Hardcoded credentials
A hardcoded key in ControlUp Real-Time Agent cuAgent.exe before 8.2.5 may allow a potential attacker to run OS commands via a WCF channel...
CVE-2021-45912
Controlup Real-Time Agent (cuAgent.exe) exposes an unauthenticated Named Pipe channel that, before version 8.5, allows an attacker to execute OS commands via the ProcessActionRequest WCF method. Impact is local and could enable command execution with the attacker’s privileges. Remediation per sou...
CVE-2021-45912
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...