32 matches found
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser from Google, an American company. An input validation error vulnerability exists in versions of Google Chrome prior to 106.0.5249.62, which stems from insufficient DevTools data validation. A remote attacker can exploit this vulnerability by sending a malicious HTTP...
SUSE CVE-2017-9328
Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root...
SUSE: Security Advisory (SUSE-SU-2020:1533-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-27555
Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user...
SUSE SLES12 Security Update : krb5-appl (SUSE-SU-2020:1533-1)
This update for krb5-appl fixes the following issues : CVE-2020-10188: Fixed a remote root execution bsc1165787. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as...
SUSE-SU-2020:1533-1 Security update for krb5-appl
This update for krb5-appl fixes the following issues: - CVE-2020-10188: Fixed a remote root execution bsc1165787...
CVE-2019-17510
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php...
UBUNTU-CVE-2019-13917
Exim 4.85 through 4.92 fixed in 4.92.1 allows remote code execution as root in some unusual configurations that use the $sort expansion for items that can be controlled by an attacker e.g., $localpart or $domain...
CVE-2019-7276
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console...
CVE-2018-7364
All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with root privileges...
The vulnerability of the firmware control interface of Teltonika RUT9XX allows a hacker to execute arbitrary commands with root privileges.
The vulnerability of the control interface of Teltonika RUT9XX embedded microprogramming software is related to deficiencies in access control during user authentication requests. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands with root...
CVE-2017-9328
Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root...