23 matches found
CVE-2022-27905
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...
EUVD-2021-32627
Malicious code in bioql PyPI...
EUVD-2021-32628
Malicious code in bioql PyPI...
EUVD-2022-32393
Malicious code in bioql PyPI...
CVE-2021-45912
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...
CVE-2022-27905
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...
CVE-2022-27905
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...
Privilege escalation
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...
CVE-2022-27905
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...
CVE-2022-27905
CVE-2022-27905 affects ControlUp Real-Time Agent prior to version 8.6. The issue is an unquoted path that can lead to privilege escalation. A successful exploit requires write permissions to the root of the OS drive (C:). The available connected sources corroborate the same description across mul...
Controlup Real-Time Agent 代码问题漏洞
Controlup Real-Time Agent is a real-time agent from Controlup USA. A security vulnerability exists in Controlup Real-Time Agent prior to version 8.6, which stems from unquoted paths that may lead to elevation of privilege...
Controlup Real-Time Agent Command Injection Vulnerability
Controlup Real-Time Agent is a real-time agent from Controlup USA. The Controlup Real-Time Agent suffers from a command injection vulnerability that originates from an unauthenticated named pipe channel in the Controlup Real-Time Agent, which can be exploited by an attacker to run operating syste...
CVE-2021-45912
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...
CVE-2021-45912
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...
CVE-2021-45912
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...
Command injection
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...
CVE-2021-45913
A hardcoded key in ControlUp Real-Time Agent cuAgent.exe before 8.2.5 may allow a potential attacker to run OS commands via a WCF channel...
CVE-2021-45913
A hardcoded key in ControlUp Real-Time Agent cuAgent.exe before 8.2.5 may allow a potential attacker to run OS commands via a WCF channel...
Hardcoded credentials
A hardcoded key in ControlUp Real-Time Agent cuAgent.exe before 8.2.5 may allow a potential attacker to run OS commands via a WCF channel...
CVE-2021-45912
An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...