Lucene search
K

15286 matches found

Positive Technologies
Positive Technologies
added 2023/06/14 12:0 a.m.5 views

PT-2023-3645 · D Link · D-Link Dsl-G256Dg +1

Name of the Vulnerable Software and Affected Versions: D-Link DSL-224 version 3.0.10 D-Link DSL-G256DG affected versions not specified Description: The issue is related to a command execution vulnerability that can be exploited after authentication. It is associated with deficiencies in the...

9CVSS8AI score0.01762EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/06/13 12:0 a.m.3 views

PT-2023-3392 · Tp Link · Tp-Link Tl-Wpa8630P

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WPA8630P US V2 Version 171011 Description: The issue is related to a command injection vulnerability via the devicePwd parameter in the sub 40A80C function. This vulnerability may allow a remote attacker to execute arbitrary...

10CVSS8.2AI score0.0243EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2023/06/13 12:0 a.m.5 views

PT-2023-23869 · Kingsoft · Wps Office

Name of the Vulnerable Software and Affected Versions: WPS Office version 10.8.0.6186 Description: A remote attacker who can conduct a man-in-the-middle attack may execute an arbitrary OS command on the system where the product is installed by connecting the product to a malicious server and...

8.1CVSS7.4AI score0.0106EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.293 views

Anevia Flamingo XS 3.6.5 Authenticated Root Remote Code Execution

Anevia Flamingo XS 3.6.5 Authenticated Root Remote Code Execution Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.6.5 Hardware revision: 1.1 SoapLive 2.4.0 SoapSystem 1.3.1 Summary: Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/06/10 12:0 a.m.6 views

PT-2023-4830

Name of the Vulnerable Software and Affected Versions FUXA version 1.1.13 Description A remote command execution vulnerability in the "/api/runscript" endpoint allows attackers to execute arbitrary commands via a crafted POST request. This issue is related to the lack of input data sanitization,...

9.8CVSS8.4AI score0.13746EPSS
Exploits3References19
Metasploit
Metasploit
added 2023/06/09 7:50 p.m.540 views

Oracle Weblogic PreAuth Remote Command Execution via ForeignOpaqueReference IIOP Deserialization

Oracle Weblogic 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 prior to the Jan 2023 security update are vulnerable to an unauthenticated remote code execution vulnerability due to a post deserialization vulnerability. This occurs when an attacker serializes a "ForeignOpaqueReference" class object,...

8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/06/09 12:0 a.m.4 views

The vulnerability of the Honeywell OneWireless Wireless Device Manager (WDM) lies in the lack of measures taken to clean data at the control level, allowing attackers to execute arbitrary commands.

The vulnerability of the Honeywell OneWireless Wireless Device Manager WDM lies in the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS7.1AI score0.00288EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2023/06/08 12:0 a.m.324 views

Microsoft Windows PowerShell Remote Command Execution

from base64 import b64encode import argparse,sys,os PSTrojanFile.py By hyp3rlinx c 2023 ApparitionSec hyp3rlinx.altervista.org twitter.com/hyp3rlinx twitter.com/malvuln PoC Video: https://www.youtube.com/watch?v=-ZJnA70Cf4I...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/06/08 12:0 a.m.319 views

Microsoft Windows PowerShell Remote Command Execution Exploit

This python script mints a .ps1 file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell. This is an updated exploit to work with Python3. from base64 import b64encode import argparse,sys,os PSTrojanFile.py By hyp3rlinx c 2023 ApparitionSec...

7.4AI score
Exploits0
CNVD
CNVD
added 2023/06/07 12:0 a.m.14 views

Hitron Technologies CODA-5310 Remote Command Execution Vulnerability

Hitron Technologies CODA-5310 is a wireless router. The Hitron Technologies CODA-5310 suffers from a remote command execution vulnerability that can be exploited by an attacker to perform a command injection attack using the administration page to execute arbitrary system commands, manipulate the...

7.2CVSS8.1AI score0.01281EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.7 views

The vulnerability of the index.cgi component of D-Link DIR-620 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the index.cgi component in D-Link DIR-620 router microprogramming software is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using...

9CVSS7.5AI score0.05768EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.8 views

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-846 router microprogramming software allows a attacker to execute arbitrary commands.

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-846 router microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command processing for handling the tomographypingaddress parameter. Exploiting this...

9CVSS8.2AI score0.32561EPSS
Exploits1References4Affected Software1
GithubExploit
GithubExploit
added 2023/06/03 10:59 p.m.209 views

Exploit for Path Traversal in Apache Http_Server

Apache-CVEs Exploit created in python3 to exploit known vulner...

9.8CVSS10AI score0.99992EPSS
Exploits173
OSV
OSV
added 2023/06/02 11:15 a.m.5 views

CVE-2023-28703

ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A remote attacker with administrator privileges can exploit this vulnerability to execute arbitrary system commands, disrupt system or terminate...

7.2CVSS7.9AI score0.00886EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/02 12:0 a.m.9 views

CVE-2023-28703 ASUS RT-AC86U - Buffer Overflow

ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A remote attacker with administrator privileges can exploit this vulnerability to execute arbitrary system commands, disrupt system or terminate...

7.2CVSS7.5AI score0.00886EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/02 12:0 a.m.4 views

Hitron Technologies CODA 操作系统命令注入漏洞

Hitron Technologies CODA-5310 is a wireless router. The Hitron Technologies CODA-5310 suffers from a remote command execution vulnerability that can be exploited by an attacker to perform a command injection attack using the administration page to execute arbitrary system commands, manipulate the...

7.2CVSS8.1AI score0.01281EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/02 12:0 a.m.3 views

ELITE Web Fax Server SQL注入漏洞

ELITE Web Fax Server is a web fax server from ELITE. ELITE Web Fax Server suffers from an SQL injection vulnerability that originates from the presence of a SQL injection vulnerability, which can be exploited by an unauthenticated, remote attacker to execute arbitrary system commands, interrupt...

9.8CVSS9AI score0.00868EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/02 12:0 a.m.8 views

CVE-2022-47616 Hitron Technologies Inc. CODA-5310 - Remote Command Execution

Hitron CODA-5310 has insufficient filtering for specific parameters in the connection test function. A remote attacker authenticated as an administrator, can use the management page to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service...

7.2CVSS8AI score0.01281EPSS
Exploits0References1
NVD
NVD
added 2023/05/31 8:15 p.m.17 views

CVE-2023-33735

D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution RCE vulnerability via the tomographypingaddress parameter in the /HNAP1 interface...

9.8CVSS9.7AI score0.32561EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/05/31 8:15 p.m.5 views

CVE-2023-33735

D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution RCE vulnerability via the tomographypingaddress parameter in the /HNAP1 interface...

9.8CVSS7.6AI score0.32561EPSS
Exploits1References3
Rows per page
Query Builder