SAP Solution Manager Remote Command Injection Vulnerability
SAP Solution Manager is a system management platform that integrates multiple functions such as system monitoring, SAP Support Desktop, self-service, and ASAP implementation. A remote command injection vulnerability exists in SAP Solution Manager, which allows attackers to exploit the vulnerabili...
NASdeluxe NDL-2400r Remote Command Injection Vulnerability
The NASdeluxe NDL-2400r is a NASdeluxe operating system for use in NAS networked storage devices. A remote command injection vulnerability exists in NASdeluxe NDL-2400r, which can be exploited by an attacker to execute arbitrary commands with root privileges...
EyeLock nano NXT 3.5 Remote Root
#!/usr/bin/env python EyeLock nano NXT 3.5 Remote Root Exploit Vendor: EyeLock, LLC Product web page: http://www.eyelock.com Affected version: NXT Firmware: 3.05.1193 ICM: 3.5.1 NXT Firmware: 3.04.1108 ICM: 3.4.13 NXT Firmware: 3.03.944 ICM: 3.3.2 NXT Firmware: 3.01.646 ICM: 3.1.13 Platform:...
Novell Filr Command Injection Vulnerability
Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. An operating system command injection vulnerability exists in the vaconfig/time file in Novell Filr 1.2 Security Update 2 and earlier and 2.0 Security Update 1 and earlier. A remote attacker can exploit this...
Barracuda Networks Spam and Virus Firewall Remote Command Injection Vulnerability
Barracuda Networks Spam & Virus Firewall is a virus and spam firewall product from Barracuda Networks. The product features virus filtering and inbound/outbound filtering. A remote command injection vulnerability exists in Barracuda Networks Spam and Virus Firewall versions 5.1.3 006, 5.1.3 and...
Barracuda Web App Firewall and Load Balancer Remote Command Injection Vulnerability
Barracuda Web Application Firewall and Load Balancer are both products of Barracuda Networks. The former is a Web application firewall and the latter is an application delivery controller. The controller provides protection against intrusions and attacks, while optimizing application load and...
CVE-2016-1450
Cisco WebEx Meetings Server 2.6 allows remote authenticated users to conduct command-injection attacks via vectors related to an upload's file type, aka Bug ID CSCuy92715...
Tiki-Wiki CMS Calendar Remote Command Execution
A remote command injection vulnerability exists in Tiki-Wiki CMS's calendar module. By exploiting this vulnerability, a remote attacker can execute arbitrary code on the affected server...
Apache Continuum Arbitrary Command Execution
A remote command injection vulnerability exists in Apache HTTP servers. By exploiting this vulnerability, a remote attacker can execute arbitrary code on the affected server...
SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2016:1301-1) (ImageTragick)
This update for ImageMagick fixes the following issues : - bsc978061: A vulnerability in ImageMagick's 'https' module allowed users to execute arbitrary shell commands on the host performing the image conversion. The issue had the potential for remote command injection. This update mitigates the...
SUSE-SU-2016:1301-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - bsc978061: A vulnerability in ImageMagick's 'https' module allowed users to execute arbitrary shell commands on the host performing the image conversion. The issue had the potential for remote command injection. This update mitigates the...
Joyent Node.js mustache command injection vulnerability
Joyent Node.js is a web application platform built on top of Google's V8 JavaScript engine. A security vulnerability in Joyent Node.js mustache allows remote attackers to submit special requests for command injection due to the lack of quotes in program properties...
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock) #!/usr/bin/python Cisco UCS Manager 2.1(1b) Shellshock Exploit CVE-2014-6278 Confirmed on version 2.1(1b), but more are likely vulnerable. Cisco's advisory:...
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)
#!/usr/bin/python Cisco UCS Manager 2.1(1b) Shellshock Exploit CVE-2014-6278 Confirmed on version 2.1(1b), but more are likely vulnerable. Cisco's advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash Exploit generates a reverse shell to a nc listener...
Cisco ACE 4710 Device Manager GUI Remote Command Injection Vulnerability (cisco-sa-20160224-ace)
The Cisco Application Control Engine ACE software installed on the remote Cisco ACE 4710 device is an A5 version prior to A53.0. It is, therefore, affected by a remote command injection vulnerability in the device manager GUI due to improper validation of user-supplied input in HTTP POST requests...
D-Link DIR-601 Command Injection Vulnerability
D-Link DIR-601 is a wireless router product from AUO. A command injection vulnerability exists in the D-Link DIR-601, which allows remote attackers to exploit the vulnerability to submit a special request to execute arbitrary OS commands...
b374k 3.2.3 2.8 CSRF / Command Injection Vulnerabilities
b374k web shell versions 2.8 and 3.2.3 suffer from a cross site request forgery vulnerability that allows for remote command injection. Vendor: github.com/b374k/b374k code.google.com/p/b374k-shell/downloads/list code.google.com/archive/p/b374k-shell/...
Huawei FusionServer Product Command Injection Vulnerability
Huawei FusionServer RH2288 V3 is a server product from Huawei, China. A security vulnerability exists in the Huawei FusionServer product that allows remote attackers to submit a special request to change parameters in the login page and inject commands...
Unauthenticated Remote Command Injection
Overview epimageconvert is a plugin for Etherpad Lite. epimageconvert = 0.0.2 is vulnerable to remote command injection. Authentication is not required for remote exploitation. Recommendation Update to version 0.0.3 or greater. References - PR 5 - GitHub Advisory...
Hacking ipcam like Harold in POI-vulnerability warning-the black bar safety net
0x00 for ipcam attack mesh and preparation 0x01 for embedded devices parameter injection vulnerability to conventional weapons and methods of analysis 0x02 several wonderful cases 0x03 Hacking like POI 0x00 preparation This time we discuss the analysis of smart camera firmware, through a...