Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3849 matches found

Cvelist
Cvelistadded 2017/02/22 5:0 a.m.17 views

CVE-2016-9683

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI /cgi-bin/extensionsettings component responsible for handling some of the server's...

9.9AI score0.11554EPSS
Exploits2References4
CVE
CVEadded 2017/02/22 5:0 a.m.59 views

CVE-2016-9683

The CVE-2016-9683 issue affects Dell SonicWall Secure Remote Access Server (SRA) version 8.1.0.2-14sv, specifically the extensionsettings CGI (/cgi-bin/extensionsettings). The vulnerability stems from unsanitized handling of the scriptname parameter in a multi-part form, which is read before a ca...

10CVSS9.7AI score0.11554EPSS
Exploits2References4Affected Software1
CVE
CVEadded 2017/02/22 5:0 a.m.55 views

CVE-2016-9682

The provided connected sources confirm CVE-2016-9682 affects SonicWall Secure Remote Access (SRA) 8.1.0.2-14sv. The vulnerabilities are remote command injections in the diagnostics CGI (/cgi-bin/diagnostics) used for emailing system state. Root cause: the application fails to properly escape data...

10CVSS9.9AI score0.23296EPSS
Exploits5References4Affected Software1
CVE
CVEadded 2017/02/22 5:0 a.m.49 views

CVE-2016-9684

Dell SonicWALL Secure Remote Access (SRA) server, version 8.1.0.2-14sv, is vulnerable to a remote command injection in the web admin CGI at /cgi-bin/viewcert. The CGI does not properly escape the CERT input before a system() call, enabling an attacker to execute arbitrary shell commands and gain ...

10CVSS9.8AI score0.07064EPSS
Exploits2References4Affected Software1
CNVD
CNVDadded 2017/02/14 12:0 a.m.4 views

Sophos Web Appliance Remote Command Injection Vulnerability

Sophos Web Appliance is a web security gateway solution. An input validation vulnerability in the MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php file in the web management interface of the Sophos Web Appliance could be exploited by an attacker to submit a special request for injection...

9CVSS7.5AI score0.24445EPSS
Exploits5References1
0day.today
0day.todayadded 2017/02/10 12:0 a.m.97 views

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection Exploit

Exploit for multiple platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "HP Smart Storage Administrator Remote Command Injection", 'Description' = ...

9CVSS8.8AI score0.17372EPSS
Exploits8
Packet Storm
Packet Stormadded 2017/02/10 12:0 a.m.77 views

HP Smart Storage Administrator 2.30.6.0 Remote Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "HP Smart Storage Administrator Remote Command Injection", 'Description' = %q This module exploits a vulnerability found in HP Smart...

0.1AI score0.17372EPSS
Exploits8
Exploit DB
Exploit DBadded 2017/02/10 12:0 a.m.102 views

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "HP Smart Storage Administrator Remote Command Injection", 'Description' = %q This module exploits a vulnerability found in HP Smart...

9CVSS7AI score0.17372EPSS
Exploits8
exploitpack
exploitpackadded 2017/02/10 12:0 a.m.27 views

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit)

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "HP Smart Storage Administrator Remote Command...

7.9AI score0.17372EPSS
Exploits8
Packet Storm
Packet Stormadded 2017/01/31 12:0 a.m.111 views

Sophos Web Appliance 4.2.1.3 Remote Command Injection

Critical Start security expert Russell Sanford discovered and reported two critical zero-day vulnerabilities in the Sophos Web Appliance in December of 2016. The vulnerabilities, documented under CVE-2016-9553, allow the remote compromise of the appliance's underlining Linux subsystem. The...

0.5AI score0.19312EPSS
Exploits6
OSV
OSVadded 2017/01/28 12:59 p.m.1 views

CVE-2016-9554

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

7.2CVSS5.8AI score
Exploits0References3
Prion
Prionadded 2017/01/28 12:59 p.m.16 views

Command injection

The Sophos Web Appliance version 4.2.1.3 is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php /controllers/MgrReport.php component responsible for blocking and unblocking IP addresses from...

9CVSS7.8AI score0.19312EPSS
Exploits6References4Affected Software1
Prion
Prionadded 2017/01/28 12:59 p.m.14 views

Command injection

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

9CVSS8.2AI score0.24445EPSS
Exploits5References3Affected Software1
NVD
NVDadded 2017/01/28 12:59 p.m.27 views

CVE-2016-9553

The Sophos Web Appliance version 4.2.1.3 is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php /controllers/MgrReport.php component responsible for blocking and unblocking IP addresses from...

9CVSS7.4AI score0.19312EPSS
Exploits6References4
NVD
NVDadded 2017/01/28 12:59 p.m.13 views

CVE-2016-9554

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

9CVSS7.6AI score0.24445EPSS
Exploits5References3
Cvelist
Cvelistadded 2017/01/28 12:38 p.m.23 views

CVE-2016-9554

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

7.6AI score0.24445EPSS
Exploits5References3
CVE
CVEadded 2017/01/28 12:38 p.m.59 views

CVE-2016-9554

CVE-2016-9554 affects Sophos Web Appliance (Secure Web Gateway) before version 4.3.1. The vulnerability exists in the web admin interface via MgrDiagnosticTools.php, where diagnostic tests invoke wget and pass user-controlled input in the url parameter to executeCommand, which calls exec() withou...

9CVSS7.5AI score0.24445EPSS
Exploits5References3Affected Software1
CVE
CVEadded 2017/01/28 12:38 p.m.59 views

CVE-2016-9553

CVE-2016-9553 — Sophos Web Appliance 4.2.1.3 is vulnerable to two remote command injection flaws in the web admin interface (MgrReport.php) where user-supplied values for unblockip and blockip are passed to shell_exec without proper escaping. An authenticated, remote attacker could exploit these ...

9CVSS7.3AI score0.19312EPSS
Exploits6References4Affected Software1
Cvelist
Cvelistadded 2017/01/28 12:38 p.m.34 views

CVE-2016-9553

The Sophos Web Appliance version 4.2.1.3 is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php /controllers/MgrReport.php component responsible for blocking and unblocking IP addresses from...

7.4AI score0.19312EPSS
Exploits6References4
CNVD
CNVDadded 2017/01/04 12:0 a.m.3 views

Western Digital MyCloud NAS Remote Command Injection Vulnerability

Western Digital MyCloud NAS is a personal cloud storage device. Western Digital MyCloud NAS version 2.11.142 suffers from a remote command injection vulnerability in /web/googleanalytics.php, which allows an attacker to execute arbitrary commands with root privileges via the arg parameter within...

10CVSS8.5AI score0.95097EPSS
Exploits4References1
Rows per page
Query Builder