Inim Electronics SmartLiving SmartLAN/G/SI <=6.x Root Remote Command Execution

Summary SmartLiving anti-intrusion control panel and security system provides important features rarely found in residential, commercial or industrial application systems of its kind. This optimized-performance control panel provides first-rate features such as: graphic display, text-to-speech,...

D-Link DNS-320 Remote Command Injection Vulnerability - Active Check

The D-Link DNS-320 NAS-device is prone to a remote command injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...

Computrols CBAS-Web 19.0.0 Command Injection

!/usr/bin/env python ''' Computrols CBAS-Web Unauthenticated Remote Command Injection Exploit Affected versions: 19.0.0 and below by Sipke Mellema, 2019 Advisory: https://applied-risk.com/resources/ar-2019-009 Paper: https://applied-risk.com/resources/i-own-your-building-management-system Uses tw...

CBAS-Web 19.0.0 - Remote Code Execution Exploit

Exploit for hardware platform in category web applications Exploit Title: CBAS-Web 19.0.0 - Remote Code Execution Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version: 19.0.0...

Cisco Small Business RV Series Routers CVE-2019-15957 Remote Command Injection Vulnerability

Description Cisco Small Business RV Series Routers are prone to a remote command injection vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary commands with root privileges in the context of the affected device. This issue is being tracked by Cisco Bug IDs...

Citrix SD-WAN Center and NetScaler SD-WAN Center addModifyZTDProxy Unauthenticated Remote Command Injection

The remote Citrix SD-WAN Center or NetScaler SD-WAN Center is affected by a remote command injection vulnerability due to improper sanitization of user-supplied input in the addModifyZTDProxy action of NmsController. An unauthenticated, remote attacker can exploit this, via a specially crafted HT...

Remote Command Injection in Zingbox Inspector

A security vulnerability exists in Zingbox Inspector that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint. Ref: CVE-2019-1584 This vulnerability can on...

Remote Command Injection in Zingbox Inspector

A security vulnerability exists in Zingbox Inspector that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint. Ref: CVE-2019-1584 This vulnerability can on...

Palo Alto Networks Zingbox Inspector CVE-2019-15020 Remote Command Injection Vulnerability

Description Palo Alto Networks Zingbox Inspector is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands on the affected system. Versions prior to Zingbox Inspector 1.294 are vulnerable. Technologies Affected Paloaltonetworks Zingbox...

Multiple D-Link Products CVE-2019-16920 Remote Command Injection Vulnerability

Description Multiple D-Link products are prone to a command-injection vulnerability. Exploiting this issue could allow an attacker to execute arbitrary commands in the context of the affected device. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...

D-Link DNS-320 Remote Command Injection Vulnerability

The D-Link DNS-320 NAS-device is prone to a remote command injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

D-Link DNS-320 Remote Command Injection Vulnerability

The D-Link DNS-320 is a two-drive ShareCenter series NAS storage device. A remote command injection vulnerability exists in the loginmgr.cgi script in the D-Link DNS-320 2.05.B10 and earlier versions. A remote, unauthenticated attacker could exploit this vulnerability to access all application...

CVE-2019-16057

The loginmgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection...

CVE-2019-16057

The loginmgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection...

CVE-2019-16057

D-Link DNS-320 NAS (up to firmware 2.05.B10) is affected by a remote command injection in login_mgr.cgi, enabling remote code execution with root privileges. The vulnerability arises from improper handling of input in the login_mgr.cgi component, allowing an unauthenticated attacker to run arbitr...

CVE-2019-16057

The loginmgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection...

CVE-2019-16057

The loginmgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

Citrix SD-WAN Center Unauthenticated Remote Command Injection

The remote Citrix SD-WAN Center is affected by a remote command injection vulnerability due to improper sanitization of user-supplied input in the ping action of DiagnosticController. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP request, to execute arbitrary...

InduSoft Web Studio < v8.1 + SP3 Remote Command Injection Vulnerability

Binary data 701080.prm...

Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu

The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing software that under the hood, are just a rebranded version of Zoom video conferencing software. Security researchers confirmed The Hacker News that RingCentral, used by...