CVE-2024-43660 Arbitrary file download using <redacted>.sh

The CGI script .sh can be used to download any file on the filesystem. This issue affects Iocharger firmware for AC model chargers beforeversion 24120701. Likelihood: High, but credentials required. Impact: Critical – The script can be used to download any file on the filesystem, including...

PT-2023-19655 · Arista · Arista Eos

Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged...

PT-2022-14853 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: A vulnerability in the web management interface could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operatin...

PT-2022-5475 · Cisco · Cisco Email Security Appliance +2

Name of the Vulnerable Software and Affected Versions: Cisco Email Security Appliance affected versions not specified Cisco Secure Email and Web Manager affected versions not specified Cisco Secure Web Appliance affected versions not specified Description: The issue is related to the use of a...

PT-2020-1990 · Cisco +1 · Cisco Fxos +1

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software affected versions not specified Description: A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a...