CVE-2017-6184

In Sophos Web Appliance SWA before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303...

CVE-2017-6182

In Sophos Web Appliance SWA before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304...

CVE-2017-6183

In Sophos Web Appliance SWA before 4.3.1.2, a section of the machine's configuration utilities for adding and detecting Active Directory servers was vulnerable to remote command injection, aka NSWA-1314...

CVE-2017-6183

In Sophos Web Appliance (SWA) versions prior to 4.3.1.2, CVE-2017-6183 describes a remote command injection vulnerability in the configuration utilities used for adding/detecting Active Directory servers. The issue arises from improper sanitization of input when managing AD-related settings, enab...

CVE-2017-6184

In Sophos Web Appliance (SWA) versions before 4.3.1.2, the reports-generation interface is vulnerable to remote command injection through the token parameter (aka NSWA-1303). The root cause is improper input handling/sanitization in the reporting path, allowing an authenticated or network-exposed...

CVE-2017-6184

In Sophos Web Appliance SWA before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303...

CVE-2017-6182

Affected product : Sophos Web Appliance (SWA) prior to version 4.3.1.2. Vulnerability : Remote command injection in the reporting UI, via functions related to report generation (NSWA-1304). Impact : Unauthenticated/remote attacker could inject commands through the reporting component; severity is...

CVE-2017-6183

In Sophos Web Appliance SWA before 4.3.1.2, a section of the machine's configuration utilities for adding and detecting Active Directory servers was vulnerable to remote command injection, aka NSWA-1314...

Logsign 4.4.24.4.137 - Remote Command Injection (Metasploit)

Logsign 4.4.24.4.137 - Remote Command Injection Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Logsign Remote Command Injection', 'Description' = %q This module exploits an command...

Logsign Remote Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Logsign Remote Command Injection', 'Description' = %q This module exploits an command injection vulnerability in Logsign. By exploiting this...

Logsign Remote Command Injection

This module exploits a command injection vulnerability in Logsign. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the root user. Logsign has a publicly accessible endpoint. That endpoint takes a user input and then use it during operating system command...

NetCommWireless Wireless Router Remote Command Injection Vulnerability

NetCommWireless Wireless Router is a wireless router from NetComm Australia. A security vulnerability exists in NetCommWireless Wireless Router that allows remote attackers to submit a special request to execute arbitrary commands in an application context...

CVE-2016-9682

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI /cgi-bin/diagnostics component responsible for emailing out information about the...

CVE-2016-9684

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewcert' CGI /cgi-bin/viewcert component responsible for processing SSL certificate information. The CGI...

Command injection

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI /cgi-bin/extensionsettings component responsible for handling some of the server's...

Command injection

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI /cgi-bin/diagnostics component responsible for emailing out information about the...

CVE-2016-9682

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI /cgi-bin/diagnostics component responsible for emailing out information about the...

CVE-2016-9683

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI /cgi-bin/extensionsettings component responsible for handling some of the server's...

CVE-2016-9684

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewcert' CGI /cgi-bin/viewcert component responsible for processing SSL certificate information. The CGI...

CVE-2016-9682

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI /cgi-bin/diagnostics component responsible for emailing out information about the...