Exploit for Deserialization of Untrusted Data in Clear Clearml

ClearML Exploit This repository contains a proof-of-concept e...

Cacti 代码注入漏洞

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. A code injection vulnerability exists in Cacti version 1.2.27, which stems...

The vulnerability in the script /view/DBManage/Backup_Server_commit.php of the D-Link DAR-7000 and DAR-8000 router microprogramming software allows a attacker to execute arbitrary commands.

The vulnerability of the /view/DBManage/BackupServercommit.php script of the D-Link DAR-7000 and DAR-8000 router microprogramming systems exists due to the failure to address the need to neutralize certain special elements used in the operating system commands. Exploiting this vulnerability allow...

The vulnerability of the setTracerouteCfg() function in the TOTOLINK T10 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the setTracerouteCfg function in the TOTOLINK T10 router microprogramming software exists because measures to neutralize specific elements have not been taken. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands on the underlying operatin...

The vulnerability of the HID Profile interface of the Bluetooth protocol stack for the Linux BlueZ operating system allows a perpetrator to execute arbitrary commands.

The vulnerability of the HID Profile interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

CVE-2024-20521 Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid...

CVE-2024-20521 Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid...

CVE-2024-20520 Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid...

CVE-2024-20520 Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid...

CVE-2024-20519 Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid...

CVE-2024-20519 Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid...

CVE-2024-20518 Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid...

Cisco Small Business多款产品 安全漏洞

The Cisco Small Business RV320 and Cisco Small Business RV325 are both VPN routers from Cisco. A security vulnerability exists in various Cisco Small Business products that stems from improper validation of user input in the Web management interface. The vulnerability allows a remote attacker to...

Cisco Small Business多款产品 安全漏洞

The Cisco Small Business RV320 and Cisco Small Business RV325 are both VPN routers from Cisco. A security vulnerability exists in various Cisco Small Business products that stems from improper validation of user input in incoming HTTP packets. The vulnerability allows a remote attacker to execute...

Cisco Small Business 安全漏洞

Cisco Small Business is a switch from Cisco USA. A security vulnerability exists in Cisco Small Business that stems from improper validation of user input in the Web management interface. Allows a remote attacker to execute arbitrary commands or cause a denial of service on the underlying operati...

The vulnerability of the CGI function in D-Link router microprogramming devices such as DI-7003GV2, DI-7100G+V2, DI-7100GV2, DI-7200GV2, DI-7300G+V2, and DI-7400G+V2 allows attackers to execute arbitrary commands.

The vulnerability of the CGI function in D-Link router microprogramming devices such as DI-7003GV2, DI-7100G+V2, DI-7100GV2, DI-7200GV2, DI-7300G+V2, and DI-7400G+V2 lies in insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability of the setTracerouteCfg() function in the microprogramming software for TOTOLINK AC1200 T8 routers allows a intruder to execute any command they desire.

The vulnerability of the setTracerouteCfg function in the TOTOLINK AC1200 T8 router software exists because measures to neutralize the special elements used in the operating system command have not been taken. Exploiting this vulnerability could allow a remote attacker to execute arbitrary comman...

The vulnerability of the setSyslogCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK X5000R router’s microprogramming software allows a intruder to execute any command they desire.

The vulnerability of the setSyslogCfg function /cgi-bin/cstecgi.cgi in the TOTOLINK X5000R router’s microprogramming software exists because measures to neutralize the special elements used in the operating system commands have not been taken. Exploiting this vulnerability allows a remote attacke...

The vulnerability of the setModifyVpnUser() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK X5000R router software allows a hacker to execute any command they desire.

The vulnerability of the setModifyVpnUser function /cgi-bin/cstecgi.cgi in the TOTOLINK X5000R router software exists because measures to neutralize the special elements used in operating systems have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the setWanIeCfg() function (/cgi-bin/cstecgi.cgi) in the microprogramming software for TOTOLINK X5000R allows a hacker to execute any command they desire.

The vulnerability of the setWanIeCfg function /cgi-bin/cstecgi.cgi in TOTOLINK X5000R routers exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...