CVE-2023-45249

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.0.1-61, Acronis Cyber Infrastructure ACI before build 5.1.1-71, Acronis Cyber Infrastructure ACI before build 5.2.1-69, Acronis Cyber Infrastructure ACI...

CVE-2023-45249

CVE-2023-45249 affects Acronis Cyber Infrastructure (ACI) prior to builds 5.0.1-61, 5.1.1-71, 5.2.1-69, 5.3.1-53, and 5.4.4-132.** The vulnerability is a remote command execution caused by the use of default passwords, enabling an attacker to gain administrative access via the ACI Web Portal and ...

VulnCheck KEV: CVE-2023-45249

Acronis Cyber Infrastructure ACI allows an unauthenticated user to execute commands remotely due to the use of default passwords...

The vulnerability of the application component for managing the lifecycle of mobile devices and mobile applications, Ivanti Endpoint Manager Mobile (EPMM) (formerly MobileIron Core), allows a perpetrator to execute arbitrary commands in the basic operating system.

The vulnerability of the Ivanti Endpoint Manager Mobile EPMM web component for managing the lifecycle of mobile devices and applications formerly known as MobileIron Core is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute...

The vulnerability of the application component for managing the lifecycle of mobile devices and mobile applications, Ivanti Endpoint Manager Mobile (EPMM) (formerly MobileIron Core), allows a perpetrator to execute arbitrary commands in the basic operating system.

The vulnerability of the Ivanti Endpoint Manager Mobile EPMM web component for managing the lifecycle of mobile devices and mobile applications formerly known as MobileIron Core is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor t...

PT-2024-29287 · Hewlett Packard · Hpe Aruba Networking Edgeconnect Sd-Wan Gateway

Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking EdgeConnect SD-WAN gateway affected versions not specified Description: A vulnerability exists in the Command Line Interface of the HPE Aruba Networking EdgeConnect SD-WAN gateway, allowing remote authenticated users to r...

Hewlett Packard Enterprise EdgeConnect SD-WAN 安全漏洞

Hewlett Packard Enterprise EdgeConnect SD-WAN is Hewlett Packard Enterprise's secure network foundation for Zero Trust and SASE. It includes best-in-class SD-WAN and next-generation firewalls that deliver unrivaled quality of experience and advanced security. A security vulnerability exists in...

CVE-2023-45249

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.0.1-61, Acronis Cyber Infrastructure ACI before build 5.1.1-71, Acronis Cyber Infrastructure ACI before build 5.2.1-69, Acronis Cyber Infrastructure ACI...

PT-2024-29288 · Hewlett Packard · Hpe Aruba Networking Edgeconnect Sd-Wan Gateway

Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking EdgeConnect SD-WAN gateway affected versions not specified Description: A vulnerability exists in the Command Line Interface of the HPE Aruba Networking EdgeConnect SD-WAN gateway, allowing remote authenticated users to r...

The vulnerability of the microprogrammed software in video surveillance systems GeoVision GV-DSP, GV-IPCAMD, GV-VS, and GVLX 4 exists due to the lack of measures taken to neutralize special elements used in the operating system commands. This vulnerability allows attackers to execute arbitrary commands.

The vulnerability of the microprogramming software used in video surveillance systems GeoVision GV-DSP, GV-IPCAMD, GV-VS, and GVLX 4 exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote...

The vulnerability of the SINEMA Remote Connect VPN service, related to the lack of data cleansing at the management level, allows a perpetrator to execute arbitrary codes.

The vulnerability of the SINEMA Remote Connect VPN service lies in the lack of data cleansing measures at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands with root privileges...

The vulnerability of the formWriteFacMac function in the microprogramming software for wireless Wi-Fi routers Tenda W30E allows a hacker to execute arbitrary commands.

The vulnerability of the formWriteFacMac function in the Tenda W30E wireless Wi-Fi router software exists due to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the web interface of the microprogrammed software for Netis MW5360 allows a hacker to execute arbitrary commands.

The vulnerability of the web interface of Netis MW5360 microprogrammed software routers lies in the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands during the processing of the password parameter...

The vulnerability of the proc_open() function in the PHP interpreter allows attackers to execute arbitrary commands.

The vulnerability of the procopen function in the PHP programming language exists because measures to neutralize the special elements used in operating system commands have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the microprogrammed software of TP-Link Wi-Fi routers such as Archer AX3000, Archer AXE75, Archer AX5400, Archer Air R5, and Archer AXE5400 exists due to the failure to address the issue of eliminating specific components used in the operating system. This vulnerability allows a perpetrator to execute arbitrary commands.

The vulnerability of TP-Link Wi-Fi routers such as Archer AX3000, Archer AXE75, Archer AX5400, Archer Air R5, and Archer AXE5400 exists due to the lack of measures taken to neutralize specific components used in the operating system. Exploiting this vulnerability allows a remote attacker to execu...

Progress Kemp LoadMaster Remote Command Execution

Progress Kemp LoadMaster versions 7.2.48.1 7.2.59.2 / 7.2.48.1 7.2.54.8 and 7.2.48.1 7.2.48.10 is affected by a vulnerability allowing an unauthenticated attacker to execute remote commands via a specially forged request. No source data...

Exploit for Unrestricted Upload of File with Dangerous Type in Pluck-Cms Pluck

CVE-2023-50564 PoC This repository contains a Proof of Con...

CVE-2024-39963

AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution RCE vulnerability via the macFilterType parameter at /goform/setMacFilterCfg...

Broadcom Symantec Privileged Access Management File Upload Vulnerability

Broadcom Symantec Privileged Access Management Broadcom Symantec PAM is a security software from Broadcom, Inc. It helps prevent security breaches by protecting sensitive administrative credentials, controlling privileged user access, proactively enforcing security policies, and monitoring and...

Broadcom Symantec Privileged Access Management Code Injection Vulnerability

Broadcom Symantec Privileged Access Management Broadcom Symantec PAM is a security software from Broadcom, Inc. It helps prevent security breaches by protecting sensitive administrative credentials, controlling privileged user access, proactively enforcing security policies, and monitoring and...