
3850 matches found

BDU FSTEC
added 2017/08/25 12:0 a.m. | 3 views

The vulnerabilities of the VNX1 and VNX2 storage systems are due to the lack of measures for sanitizing incoming data, allowing attackers to gain superuser privileges.

The vulnerability of VNX1 and VNX2 storage systems is related to the lack of measures for sanitizing incoming data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain superuser privileges by injecting commands into the system...

CVSS 10 | AI score 7.8 | EPSS 0.06568
Exploits 0 | References 3 | Affected Software 1

CNVD
added 2017/08/17 12:0 a.m. | 1 view

Mercurial Command Injection Vulnerability

Mercurial is a cross-platform distributed version control system written in Python, developed by Matt Mackall. The software supports handling both plain-text and binary files. A remote command injection vulnerability exists in...

CVSS 10 | AI score 8.4 | EPSS 0.05734
Exploits 1 | References 1

Tenable Nessus
added 2017/07/31 12:0 a.m. | 44 views

Juniper Junos SRX IDP Remote Command Injection (JSA10801)

According to its self-reported version and model number, the remote Juniper Junos device is affected by a remote command injection vulnerability in the IDP feature due to improper validation of user-supplied input. An authenticated, remote attacker can exploit this to execute arbitrary shell...

CVSS 9.9 | AI score 7.8 | EPSS 0.02285
Exploits 0 | References 2

Packet Storm
added 2017/07/19 12:0 a.m. | 35 views

Citrix SD-WAN 9.1.2.26.561201 Remote Command Injection

Exploit Title: Citrix SD-WAN logout cookie preauth Remote Command Injection Vulnerability Date: 02/20/2017 Exploit Author: xort @ Critical Start Vendor Homepage: www.citrix.com Software Link: https://www.citrix.com/downloads/cloudbridge/ Version: 9.1.2.26.561201 Tested on: 9.1.2.26.561201 OS...

AI score 7.4
Exploits 0

Packet Storm
added 2017/07/19 12:0 a.m. | 39 views

Sonicwall SRA 8.1.0.2-14sv gencsr.cgi Command Injection

Exploit Title: Sonicwall gencsr CGI Remote Command Injection Vulnerability Date: 12/24/2016 Exploit Author: xort @ Critical Start Vendor Homepage: www.sonicwall.com Software Link: sonicwall.com/products/sra-virtual-appliance Version: 8.1.0.6-21sv Tested on: 8.1.0.2-14sv CVE : awaiting cve vuln:...

AI score 0.2
Exploits 0

Exploit DB
added 2017/07/19 12:0 a.m. | 36 views

Netscaler SD-WAN 9.1.2.26.561201 - Command Injection (Metasploit)

Exploit Title: Citrix SD-WAN logout cookie preauth Remote Command Injection Vulnerability Date: 02/20/2017 Exploit Author: xort @ Critical Start Vendor Homepage: www.citrix.com Software Link: https://www.citrix.com/downloads/cloudbridge/ Version: 9.1.2.26.561201 Tested on: 9.1.2.26.561201 OS...

AI score 7.4
Exploits 0

CNVD
added 2017/07/19 12:0 a.m. | 2 views

Barracuda Load Balancer Remote Command Injection Vulnerability

Barracuda Networks Load Balancer is an application delivery controller from Barracuda Networks. A remote command injection vulnerability exists in the Barracuda Networks Load Balancer using firmware version 6.0.1.006 and earlier, which stems from the deleteassessment command being issued while th...

CVSS 9 | AI score 9.2 | EPSS 0.11081
Exploits 5 | References 1

Prion
added 2017/07/18 2:29 p.m. | 16 views

Command injection

A remote command injection vulnerability exists in the Barracuda Load Balancer product line confirmed on v5.4.0.004 2015-11-26 and v6.0.1.006 2016-08-19; fixed in 6.1.0.003 2017-01-17 in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability...

CVSS 9 | AI score 9.2 | EPSS 0.11081
Exploits 5 | References 2 | Affected Software 1

NVD
added 2017/07/18 2:29 p.m. | 15 views

CVE-2017-6320

A remote command injection vulnerability exists in the Barracuda Load Balancer product line confirmed on v5.4.0.004 2015-11-26 and v6.0.1.006 2016-08-19; fixed in 6.1.0.003 2017-01-17 in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability...

CVSS 9 | AI score 9.1 | EPSS 0.11081
Exploits 5 | References 2

Cvelist
added 2017/07/18 2:0 p.m. | 21 views

CVE-2017-6320

A remote command injection vulnerability exists in the Barracuda Load Balancer product line confirmed on v5.4.0.004 2015-11-26 and v6.0.1.006 2016-08-19; fixed in 6.1.0.003 2017-01-17 in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability...

AI score 9.2 | EPSS 0.11081
Exploits 5 | References 2

CVE
added 2017/07/18 2:0 p.m. | 61 views

CVE-2017-6320

Barracuda Load Balancer product line is affected by CVE-2017-6320. The flaw is a remote command-injection due to unsanitized data processed in a system call during the delete_assessment command, exploitable by an authenticated user to run arbitrary shell commands and gain root privileges. Affecte...

CVSS 9 | AI score 9 | EPSS 0.11081
Exploits 5 | References 2 | Affected Software 1

Exploit DB
added 2017/07/18 12:0 a.m. | 57 views

Sophos Web Appliance 4.3.0.2 - 'trafficType' Remote Command Injection (Metasploit)

Exploit Title: Sophos Web Appliance reporting JSON trafficType Remote Command Injection Vulnerability Date: 01/28/2017 Exploit Author: xort @ Critical Start Vendor Homepage: www.sophos.com Software Link: sophos.com/en-us/products/secure-web-gateway.aspx Version: 4.3.0.2 Tested on: 4.3.0.2 CVE :...

AI score 7.4
Exploits 0

Exploit DB
added 2017/07/18 12:0 a.m. | 64 views

Barracuda Load Balancer Firmware < 6.0.1.006 - Remote Command Injection (Metasploit)

Exploit Title: Barracuda Load Balancer Firmware 'Barracuda Load Balancer Firmware %q This module exploits a remote command execution vulnerability in the Barracuda Load Balancer Firmware Version = v6.0.1.006 2016-08-19 by exploiting a vulnerability in the web administration interface. By sending ...

CVSS 9 | AI score 8.9 | EPSS 0.11081
Exploits 5

exploitpack
added 2017/07/18 12:0 a.m. | 12 views

Sophos Web Appliance 4.3.0.2 - trafficType Remote Command Injection (Metasploit)

Sophos Web Appliance 4.3.0.2 - trafficType Remote Command Injection Metasploit Exploit Title: Sophos Web Appliance reporting JSON trafficType Remote Command Injection Vulnerability Date: 01/28/2017 Exploit Author: xort @ Critical Start Vendor Homepage: www.sophos.com Software Link:...

AI score 0.7
Exploits 0

0day.today
added 2017/07/18 12:0 a.m. | 49 views

Sophos Web Appliance 4.3.0.2 - trafficType Remote Command Injection Exploit

Exploit for hardware platform in category web applications Exploit Title: Sophos Web Appliance reporting JSON trafficType Remote Command Injection Vulnerability Date: 01/28/2017 Exploit Author: xort @ Critical Start Vendor Homepage: www.sophos.com Software Link:...

CVSS 7.5 | AI score 9.2 | EPSS 0.16555
Exploits 2

CNVD
added 2017/06/21 12:0 a.m. | 1 view

KDDI HOME SPOT CUBE WebUI Operating System Command Injection Vulnerability

KDDI HOME SPOT CUBE is a home wireless router product from KDDI Japan. WebUI is one of its graphical user interfaces. An operating system command injection vulnerability exists in the WebUI of the KDDI HOME SPOT CUBE2 using firmware version 101 and earlier. A remote attacker can exploit this...

CVSS 8 | AI score 8.1 | EPSS 0.00849
Exploits 0 | References 1

Prion
added 2017/06/19 1:29 p.m. | 9 views

Command injection

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

CVSS 6.5 | AI score 7.5 | EPSS 0.38498
Exploits 2 | References 3 | Affected Software 1

OSV
added 2017/06/19 1:29 p.m. | 3 views

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

CVSS 8.8 | AI score 5.8 | EPSS 0.38498
Exploits 2 | References 3

NVD
added 2017/06/19 1:29 p.m. | 12 views

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

CVSS 8.8 | AI score 8.9 | EPSS 0.38498
Exploits 2 | References 3

Cvelist
added 2017/06/19 1:0 p.m. | 17 views

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

AI score 8.9 | EPSS 0.38498
Exploits 2 | References 3