15304 matches found

Vulnrichment
added 2022/12/16 12:0 a.m. · 7 views

CVE-2022-45796 SHARP Multifunction Printer - Command Injection

Command injection vulnerability in nwinterface.html in SHARP multifunction printers (MFPs)'s Digital Full-color Multifunctional System 202 or earlier, 120 or earlier, 600 or earlier, 121 or earlier, 500 or earlier, 402 or earlier, 790 or earlier, and Digital Multifunctional System Monochrome 200 or...

9.1 CVSS · 9.5 AI score · 0.03232 EPSS
Exploits 1 · References 4

Cvelist
added 2022/12/16 12:0 a.m. · 19 views

CVE-2022-25627

An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4...

6.7 AI score · 0.00907 EPSS
Exploits 0 · References 1

Vulnrichment
added 2022/12/16 12:0 a.m. · 5 views

CVE-2022-25627

An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4...

6.8 AI score · 0.00907 EPSS
Exploits 0 · References 1

CVE
added 2022/12/16 12:0 a.m. · 57 views

CVE-2022-25627

Symantec Identity Manager 14.4 is affected: an authenticated administrator with physical access can perform Remote Command Execution on the Management Console. The publicly documented details describe local access as the attack vector with high impact on confidentiality, integrity, and availabili...

6.7 CVSS · 6.5 AI score · 0.00907 EPSS
Exploits 0 · References 1 · Affected Software 1

0day.today
added 2022/12/15 12:0 a.m. · 236 views

Syncovery For Linux Web-GUI Authenticated Remote Command Execution Exploit

This Metasploit module exploits an authenticated command injection vulnerability in the Web GUI of Syncovery File Sync and Backup Software for Linux. Successful exploitation results in remote code execution under the context of the root user. Syncovery allows an authenticated user to create jobs,...

8.8 CVSS · 9.2 AI score · 0.54237 EPSS
Exploits 4

Positive Technologies
added 2022/12/13 12:0 a.m. · 5 views

PT-2022-27018 · Unknown · Sicam Pas/Pqs

Name of the Vulnerable Software and Affected Versions: SICAM PAS/PQS versions prior to V7.0 Description: A security issue has been identified where the affected software transmits database credentials for the inbuilt SQL server in cleartext. This, combined with the default enabled xp_cmdshell...

9.8 CVSS · 9.8 AI score · 0.00622 EPSS
Exploits 0 · References 2

Positive Technologies
added 2022/12/13 12:0 a.m. · 6 views

PT-2022-6344 · Delta Electronics · Dx-2100-L1-Cn

Name of the Vulnerable Software and Affected Versions: Delta Electronics DX-2100-L1-CN version 2.42 Description: The issue exists due to the lack of neutralization of special elements used in the operating system command by the lform/net diagnose component of the Delta Electronics DX-2100-L1-CN...

8.3 CVSS · 7.3 AI score · 0.02354 EPSS
Exploits 1 · References 7

OSV
added 2022/12/12 1:15 p.m. · 3 views

CVE-2022-43542

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...

8.8 CVSS · 6.1 AI score · 0.01163 EPSS
Exploits 0 · References 1

NVD
added 2022/12/12 1:15 p.m. · 19 views

CVE-2022-43542

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...

8.8 CVSS · 0.01163 EPSS
Exploits 0 · References 1

OSV
added 2022/12/12 1:15 p.m. · 3 views

CVE-2022-43541

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...

7.2 CVSS · 6.1 AI score · 0.01525 EPSS
Exploits 0 · References 1

OSV
added 2022/12/12 1:15 p.m. · 1 views

CVE-2022-37920

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...

7.2 CVSS · 6.1 AI score · 0.01365 EPSS
Exploits 0 · References 1

OSV
added 2022/12/12 1:15 p.m. · 4 views

CVE-2022-37924

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...

7.2 CVSS · 6.1 AI score · 0.01525 EPSS
Exploits 0 · References 1

Huntr
added 2022/12/12 5:21 a.m. · 23 views

Unauthenticated Remote Command Execution on corebos due to exposed install files.

Description While analysing corebos source-code, I found a file that looked interesting: - install/MigrationDbBackup.php This file contains the following snippet of code: php ?php /+ The contents of this file are subject to the vtiger CRM Public License Version 1.0 "License"; You may not use this...

7.5 CVSS · 1.9 AI score · 0.01267 EPSS
Exploits 1 · References 1

CNNVD
added 2022/12/12 12:0 a.m. · 3 views

Aruba Networks EdgeConnect Security Vulnerability

Aruba Networks EdgeConnect is an edge connectivity management platform from Aruba Networks, USA. A security vulnerability exists in Aruba Networks EdgeConnect that stems from a command line interface that allows an authenticated remote user to run arbitrary commands on the underlying host...

8.8 CVSS · 8.2 AI score · 0.01163 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2022/12/12 12:0 a.m. · 7 views

The vulnerability of the FortiWAN traffic balancing system’s web interface allows an attacker to execute arbitrary commands.

The vulnerability of the FortiWAN traffic balancing system’s web interface is related to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending speciall...

9 CVSS · 8 AI score · 0.01456 EPSS
Exploits 0 · References 4 · Affected Software 1

OSV
added 2022/12/10 4:15 p.m. · 3 views

CVE-2022-45145

egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file...

9.8 CVSS · 6 AI score
Exploits 0 · References 3

BDU FSTEC
added 2022/12/09 12:0 a.m. · 6 views

The vulnerability in the web interface of the Aruba EdgeConnect Enterprise Orchestrator platform allows an attacker to execute arbitrary commands.

The vulnerability of the web interface for managing the Aruba EdgeConnect Enterprise Orchestrator platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands remotely...

10 CVSS · 8 AI score · 0.01587 EPSS
Exploits 0 · References 5 · Affected Software 1

Vulnrichment
added 2022/12/07 12:0 a.m. · 5 views

CVE-2022-44606

OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...

8.7 AI score · 0.0147 EPSS
Exploits 0 · References 2

Positive Technologies
added 2022/12/07 12:0 a.m. · 5 views

PT-2022-27262 · Unknown · Udr-Ja1608 +2

Name of the Vulnerable Software and Affected Versions: UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier Description: The issue allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings. Recommendations: Fo...

8.8 CVSS · 7.6 AI score · 0.0147 EPSS
Exploits 0 · References 4

Positive Technologies
added 2022/12/07 12:0 a.m. · 4 views

PT-2022-26928 · Unknown · Udr-Ja1608 +2

Name of the Vulnerable Software and Affected Versions: UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier Description: The issue allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings. This is due to a...

8.8 CVSS · 8.6 AI score · 0.00999 EPSS
Exploits 0 · References 5