15280 matches found
CVE-2023-50651
TOTOLINK X6000R v9.4.0cu.852B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cstecgi.cgi...
CVE-2023-50651
CVE-2023-50651 affects TOTOLINK X6000R v9.4.0cu.852_B20230719, with a remote command execution vulnerability in the /cgi-bin/cstecgi.cgi component. The root cause is improper handling/filtering of constructed command characters, enabling arbitrary command execution. Impact is described as complet...
openSUSE 15 Security Update : deepin-compressor (openSUSE-SU-2023:0424-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2023:0424-1 advisory. - Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that...
openSUSE 15 Security Update : deepin-compressor (openSUSE-SU-2023:0423-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2023:0423-1 advisory. - Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that...
CVE-2023-50255
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
Path traversal
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
CVE-2023-50255 Zip Path Traversal in Deepin-Compressor
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
CVE-2023-50255
CVE-2023-50255 affects the Deepin-Compressor default archive manager in Deepin Linux. A path traversal flaw prior to 5.12.21 can be exploited to achieve Remote Command Execution when opening crafted archives. Remediation: upgrade to version 5.12.21 or later (as listed in OpenSUSE/OpenSUSE-SU advi...
CVE-2023-51094
Tenda M3 V1.0.0.124856 was discovered to contain a Command Execution vulnerability via the function TendaTelnet...
Vulnerability in the QuTS hero, QTS, and QuTScloud operating systems of network devices that allows attackers to execute arbitrary commands
A vulnerability in the QuTS hero, QTS, and QuTScloud operating systems of network devices is related to the possibility of executing commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
Vulnerability in the thumb.php script of the thumb module of the “Smart Home” MajorDoMo platform that allows an attacker to execute arbitrary commands
A vulnerability in the thumb.php script implementation in the thumb module of the “Smart Home” MajorDoMo platform is related to a failure to sanitize data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
ILIAS Security Vulnerabilities
ILIAS is an open source learning management system. A security vulnerability exists in ILIAS version 7.23 and version 8 prior to 8.3 that could allow a remote attacker to run arbitrary system commands on the server by uploading a file with a malicious filename...
VulnCheck KEV: CVE-2021-30118
An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management (RMM) 9.5.4.2149 and subsequently use these files to execute asp commands. The API /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload...
CVE-2023-51034
TOTOlink EX1200L V9.3.5u.6146B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface...
CVE-2023-50254
Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via a crafted docx document. This is a file overwrite vulnerability. Remote code execution (RCE) can be achieved by...
Design/Logic Flaw
Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via a crafted docx document. This is a file overwrite vulnerability. Remote code execution (RCE) can be achieved by...
CVE-2023-50254 Deepin Reader RCE vulnerability due to a design flaw
Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via a crafted docx document. This is a file overwrite vulnerability. Remote code execution (RCE) can be achieved by...