Lucene search
K

15296 matches found

NVD
NVD
added 2023/02/16 10:15 a.m.9 views

CVE-2023-0862

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects...

8.8CVSS7.5AI score0.02353EPSS
Exploits0References2
Prion
Prion
added 2023/02/16 10:15 a.m.23 views

Design/Logic Flaw

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects...

6.5CVSS7.1AI score0.02353EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/16 9:7 a.m.7 views

CVE-2023-0862 Path Traversal in NetModule NSRW

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects...

7.2CVSS7.2AI score0.02353EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/16 9:7 a.m.16 views

CVE-2023-0862 Path Traversal in NetModule NSRW

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects...

7.2CVSS9AI score0.02353EPSS
Exploits0References2
CVE
CVE
added 2023/02/16 9:7 a.m.47 views

CVE-2023-0862

The CVE-2023-0862 entry describes a path-traversal vulnerability in NetModule NSRW web administration interface. Affected NSRW versions: 4.3.0.0 before 4.3.0.119, 4.4.0.0 before 4.4.0.118, 4.6.0.0 before 4.6.0.105, and 4.7.0.0 before 4.7.0.103. Attackers could upload malicious files to the web ro...

8.8CVSS7.5AI score0.02353EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/02/16 12:0 a.m.4 views

NetModule NSRW 路径遍历漏洞

NetModule NSRW is a series of router software from NetModule, Inc. A security vulnerability exists in NetModule NSRW that stems from the presence of a path traversal vulnerability, which could lead to arbitrary file uploads and deletions, and could be exploited by an authenticated attacker to...

8.8CVSS7.5AI score0.02353EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/02/16 12:0 a.m.5 views

PT-2023-16568 · Netmodule · Netmodule Nsrw

Name of the Vulnerable Software and Affected Versions: NetModule NSRW versions 4.3.0.0 through 4.3.0.118 NetModule NSRW versions 4.4.0.0 through 4.4.0.117 NetModule NSRW versions 4.6.0.0 through 4.6.0.104 NetModule NSRW versions 4.7.0.0 through 4.7.0.102 Description: The NetModule NSRW web...

8.8CVSS7.3AI score0.02353EPSS
Exploits0References8
OSV
OSV
added 2023/02/15 7:15 p.m.6 views

CVE-2022-47507

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands...

7.2CVSS6AI score0.07234EPSS
Exploits0References2
OSV
OSV
added 2023/02/15 7:15 p.m.5 views

CVE-2022-38111

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands...

7.2CVSS6AI score0.84803EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.4 views

SUSE CVE-2002-0836

dvips converter for Postscript files in the tetex package calls the system function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts...

7.5CVSS7.9AI score0.07953EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.8 views

SUSE CVE-2003-0434

Various PDF viewers including 1 Adobe Acrobat 5.06 and 2 Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink...

7.5CVSS7.8AI score0.40942EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.2 views

SUSE CVE-2004-1147

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters...

10CVSS7.8AI score0.11592EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.3 views

SUSE CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...

10CVSS7.8AI score0.15981EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.4 views

SUSE CVE-2005-0130

Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in 1 channel names or 2 song names that are not properly quoted when the user runs IRC scripts...

7.5CVSS7.8AI score0.02898EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.4 views

SUSE CVE-2005-0230

Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files...

5.1CVSS7.6AI score0.03256EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.4 views

SUSE CVE-2005-0362

awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 "pluginmode", 2 "loadplugin", or 3 "noloadplugin" parameters...

4.6CVSS7.8AI score0.01793EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.5 views

SUSE CVE-2005-0363

awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter...

7.5CVSS7.8AI score0.01954EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:18 a.m.2 views

SUSE CVE-2005-1992

The XMLRPC server in utils.rb for the ruby library libruby 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands...

7.5CVSS7.7AI score0.06565EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:18 a.m.5 views

SUSE CVE-2005-2148

Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the...

7.5CVSS8.3AI score0.03405EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.2 views

SUSE CVE-2005-2547

security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper...

7.5CVSS7.8AI score0.024EPSS
Exploits0References3
Rows per page
Query Builder