15300 matches found

CNNVD
added 2023/01/26 12:00 a.m. · 2 views

Siretta QUARTZ-GOLD Buffer Error Vulnerability

Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta. The Siretta QUARTZ-GOLD is vulnerable to a buffer overflow that an attacker could exploit to cause arbitrary command execution by sending a specially crafted network packet...

CVSS 9.8 · AI score 7.5 · EPSS 0.01666
Exploits: 1 · References: 3
Positive Technologies
added 2023/01/24 12:00 a.m. · 7 views

PT-2023-13745 · Unknown · Rawchen Blog-Ssm

Name of the Vulnerable Software and Affected Versions: Rawchen blog-ssm version 1.0. Description: An issue in Rawchen blog-ssm allows a remote attacker to escalate privileges and execute arbitrary commands via the component "/upFile". Recommendations: For Rawchen blog-ssm version 1.0, consider...

CVSS 9.8 · AI score 9.7 · EPSS 0.01774
Exploits: 1 · References: 3
BDU FSTEC
added 2023/01/24 12:00 a.m. · 4 views

A vulnerability in the utils.exec build method of the Nginx Proxy Manager web proxy server allows an attacker to execute arbitrary commands on the server.

The vulnerability in the utils.exec build method of the Nginx Proxy Manager proxy server exists because special elements used in operating system commands are not neutralized. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the server...

CVSS 7.5 · AI score 8.1 · EPSS 0.15198
Exploits: 1 · References: 4 · Affected Software: 1
BDU FSTEC
added 2023/01/23 12:00 a.m. · 4 views

Vulnerability in the web interface of the Cisco IOS XE operating system that allows an attacker to execute arbitrary commands

The vulnerability in the web interface of the Cisco IOS XE operating system exists because special elements used in operating system commands are not neutralized. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVSS 6.8 · AI score 7.5 · EPSS 0.00896
Exploits: 0 · References: 3 · Affected Software: 1
OSV
added 2023/01/20 7:15 a.m. · 5 views

CVE-2023-20045

A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validati...

CVSS 7.2 · AI score 7.3
Exploits: 0 · References: 1
OSV
added 2023/01/20 7:15 a.m. · 3 views

CVE-2022-20964

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This vulnerability is due to improper validation of user input within requests as part of the...

CVSS 8.8 · AI score 6.1 · EPSS 0.30649
Exploits: 0 · References: 1
Vulnrichment
added 2023/01/18 12:47 a.m. · 7 views

CVE-2022-47911

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system...

CVSS 9.1 · AI score 7.4 · EPSS 0.01236
Exploits: 0 · References: 1
OSV
added 2023/01/17 10:15 a.m. · 3 views

CVE-2023-22279

MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote unauthenticated attacker to execute an arbitrary OS command...

CVSS 9.8 · AI score 7.5 · EPSS 0.01127
Exploits: 0 · References: 2
OSV
added 2023/01/17 10:15 a.m. · 3 views

CVE-2023-22280

MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command...

CVSS 7.2 · AI score 7.3 · EPSS 0.00972
Exploits: 0 · References: 2
Vulnrichment
added 2023/01/17 12:00 a.m. · 6 views

CVE-2023-22279

MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote unauthenticated attacker to execute an arbitrary OS command...

AI score 9.9 · EPSS 0.01127
Exploits: 0 · References: 2
Positive Technologies
added 2023/01/17 12:00 a.m. · 2 views

PT-2023-18392 · Maho Pbx · Maho-Pbx Netdevancer Vsg Lite/Uni +2

Name of the Vulnerable Software and Affected Versions: MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud versions prior to 1.11.00; MAHO-PBX NetDevancer VSG Lite/Uni versions prior to 1.11.00; MAHO-PBX NetDevancer MobileGate Home/Office versions prior to 1.11.00. Description: The issue allows a remote...

CVSS 9.8 · AI score 9.6 · EPSS 0.01127
Exploits: 0 · References: 4
Positive Technologies
added 2023/01/17 12:00 a.m. · 7 views

PT-2023-18394 · Maho Pbx · Maho-Pbx Netdevancer Vsg Lite/Uni +2

Name of the Vulnerable Software and Affected Versions: MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud versions prior to 1.11.00; MAHO-PBX NetDevancer VSG Lite/Uni versions prior to 1.11.00; MAHO-PBX NetDevancer MobileGate Home/Office versions prior to 1.11.00. Description: The issue allows a remote...

CVSS 7.2 · AI score 7.1 · EPSS 0.00972
Exploits: 0 · References: 5
BDU FSTEC
added 2023/01/16 12:00 a.m. · 5 views

A vulnerability in the remote_agent.php script of the Cacti network monitoring software allows an attacker to execute arbitrary commands.

The vulnerability in the remote_agent.php script of the Cacti network monitoring software is caused by a failure to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

CVSS 10 · AI score 8.4 · EPSS 0.99826
Exploits: 48 · References: 8 · Affected Software: 1
Positive Technologies
added 2023/01/16 12:00 a.m. · 4 views

PT-2023-15526 · Sewio · Sewio's Real-Time Location System (RTLS) Studio

Name of the Vulnerable Software and Affected Versions: Sewio’s Real-Time Location System RTLS Studio versions 2.0.0 through 2.6.2. Description: The issue is related to improper validation of the input module name to the backup services of the software. This could allow a remote attacker to access...

CVSS 9.1 · AI score 7.1 · EPSS 0.01236
Exploits: 0 · References: 5
BDU FSTEC
added 2023/01/13 12:00 a.m. · 6 views

A vulnerability in the command-line interface of the FortiExtender signal booster software arises from insufficient validation of arguments passed in commands, allowing attackers to execute arbitrary commands.

The vulnerability in the command-line interface of the FortiExtender signal booster software is caused by insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVSS 9 · AI score 8 · EPSS 0.01055
Exploits: 0 · References: 4 · Affected Software: 1
CNVD
added 2023/01/13 12:00 a.m. · 68 views

Zendo Project Management System Remote Command Execution Vulnerability

Zendo Project Management System is a homegrown open source project management software. A remote command execution vulnerability exists in Zendo Project Management System. The vulnerability is caused by not exiting the program properly during the authentication process, resulting in an...

AI score 2.7
Exploits: 0 · References: 1
BDU FSTEC
added 2023/01/13 12:00 a.m. · 4 views

A vulnerability in the FortiWLC wireless access controller software, related to deficiencies in access control, allows attackers to execute arbitrary commands and escalate their privileges.

The vulnerability in the firmware of FortiWLC wireless access controllers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely and elevate their privileges to the root level, bypassing the...

CVSS 9 · AI score 8 · EPSS 0.01954
Exploits: 0 · References: 4 · Affected Software: 1
Cisco
added 2023/01/11 4:00 p.m. · 39 views

Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validati...

CVSS 4.9 · AI score 7.3 · EPSS 0.00964
Exploits: 0 · References: 1
NVD
added 2023/01/11 3:15 a.m. · 27 views

CVE-2022-48253

nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used...

CVSS 9.8 · AI score 9.7 · EPSS 0.03406
Exploits: 1 · References: 2
OSV
added 2023/01/11 3:15 a.m. · 4 views

CVE-2022-48253

nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used...

CVSS 9.8 · AI score 6 · EPSS 0.03406
Exploits: 1 · References: 2