33 matches found
CVE-2019-25483
Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...
EUVD-2019-19761
Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...
CVE-2019-25483
Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...
CVE-2019-25483
The CVE-2019-25483 entry concerns the Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k device, where a restricted shell escape vulnerability allows local users to bypass command restrictions via the command substitution operator $( ). Attackers can inject arbitrary commands through $( ) when pa...
CVE-2019-25483 Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k Restricted Shell Escape
Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...
CVE-2019-25483
Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...
CVE-2019-25483 Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k Restricted Shell Escape
Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...
CVE-2024-58338
Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the...
CVE-2018-25143
Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root...
EUVD-2021-24036
Malware in sbrugna...
CVE-2024-0170
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svccava utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges...
Dell Unity 操作系统命令注入漏洞
Dell Unity is a unified hybrid storage array for general purpose workloads both locally and in the cloud. A command injection vulnerability exists in Dell Unity, which can be exploited by a local attacker to escape a restricted shell and execute arbitrary OS commands with root privileges...
CVE-2023-44304
Dell DM5500 contains a privilege escalation vulnerability in the appliance. A remote attacker with low privileges could potentially exploit this vulnerability to escape the restricted shell and gain root access to the appliance...
Dell DM5500 操作系统命令注入漏洞
The Dell DM5500 is an integrated solution from Dell, Inc. It provides industry-leading deduplication, data protection solutions and multi-cloud capabilities. The Dell DM5500 suffers from an elevation of privilege vulnerability that can be exploited by an attacker to escape a restricted shell and...
PT-2022-27861 · Veritas · Veritas Netbackup Flex Scale
Name of the Vulnerable Software and Affected Versions: Veritas NetBackup Flex Scale versions through 3.0 Description: An issue was discovered that allows a non-privileged user to escape a restricted shell and execute privileged commands. Recommendations: For Veritas NetBackup Flex Scale versions...
CVE-2021-37471
Cradlepoint IBR900-600 devices running versions 7.21.10 are vulnerable to a restricted shell escape sequence that provides an attacker the capability to simultaneously deny availability to the device's NetCloud Manager console, local console and SSH command-line...
CVE-2021-37471
Cradlepoint IBR900-600 devices running versions 7.21.10 are vulnerable to a restricted shell escape sequence that provides an attacker the capability to simultaneously deny availability to the device's NetCloud Manager console, local console and SSH command-line...
CVE-2021-37471
Cradlepoint IBR900-600 devices running versions 7.21.10 are vulnerable to a restricted shell escape sequence that provides an attacker the capability to simultaneously deny availability to the device's NetCloud Manager console, local console and SSH command-line...
Cradlepoint IBR900-600 安全漏洞
The Cradlepoint IBR900-600 is a router from Cradlepoint USA. A security vulnerability exists in the Cradlepoint IBR900-600 that stems from a restricted shell escape sequence that may exist on Cradlepoint IBR900-600 7.2.60 devices. An attacker could exploit the vulnerability to deny the availabili...
CVE-2021-29873
IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and cause a denial of service due to a restricted shell escape vulnerability. IBM X-Force ID: 206229...