447 matches found

OSV
added 2019/03/21 4:00 p.m. | 4 views

CVE-2018-20162

Digi TransPort LR54 4.4.0.26 and possibly earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root...

CVSS 9.9 | AI score 6 | EPSS 0.04161
Exploits 3 | References 3

OSV
added 2019/03/11 9:29 p.m. | 6 views

CVE-2019-1614

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to incorrect input validation of user-supplied data by the NX-API subsystem. An attacker could exploit this...

CVSS 8.8 | AI score 7.5 | EPSS 0.04109
Exploits 0 | References 2

OSV
added 2019/02/01 9:29 a.m. | 3 views

CVE-2019-7300

Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldapadmin and ldappassword fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field...

CVSS 7.2 | AI score 7.4 | EPSS 0.02773
Exploits 1 | References 2

NVD
added 2018/12/21 6:29 p.m. | 19 views

CVE-2018-20342

The Floureon IP Camera SP012 provides a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges...

CVSS 7.2 | AI score 6.9 | EPSS 0.00598
Exploits 1 | References 3

OSV
added 2018/10/24 9:29 p.m. | 3 views

CVE-2018-18014

Lack of authentication in Citrix Xen Mobile through 10.8 allows low-privileged local users to execute system commands as root by making requests to private services listening on ports 8000, 30000 and 30001. NOTE: the vendor disputes that this is a vulnerability, stating it is "already mitigated b...

CVSS 7.8 | AI score 5.9 | EPSS 0.00484
Exploits 1 | References 1

OSV
added 2018/10/05 2:29 p.m. | 3 views

CVE-2018-0430

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to insufficient validation of...

CVSS 8.8 | AI score 6 | EPSS 0.04029
Exploits 0 | References 2

OSV
added 2018/08/24 3:29 p.m. | 3 views

CVE-2018-11061

RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are vulnerable to a server-side template injection vulnerability due to insecure configuration of the template engine used in the product. A remote authenticated malicious RSA NetWitness Server...

CVSS 9.1 | AI score 6.1 | EPSS 0.04982
Exploits 0 | References 4

0day.today
added 2018/06/22 12:00 a.m. | 95 views

Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution Vulnerability

Exploit for linux platform in category remote exploits Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Vendor KB: https://support.emc.com/kb/521234 Github:...

AI score 7.1 | EPSS 0.43287
Exploits12

exploitpack
added 2018/06/21 12:00 a.m. | 27 views

Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution

Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Date: 2018-06-21 Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Exploit Author: Paul Taylor Vendor Advisory: DSA-2018-095 Vendor KB...

CVSS 10 | AI score 0.4 | EPSS 0.43287
Exploits12

Exploit DB
added 2018/06/21 12:00 a.m. | 51 views

Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution

Exploit Title: Dell EMC RecoverPoint &2 root@recoverpoint:/ id uid=0(root) gid=0(root) groups=0(root) root@recoverpoint:/...

CVSS 10 | AI score 9.6 | EPSS 0.43287
Exploits12

CNVD
added 2018/05/03 12:00 a.m. | 3 views

Apache Hadoop elevation of privilege vulnerability (CNVD-2018-10426)

Apache Hadoop is an open source distributed systems infrastructure from the Apache Software Foundation (U.S.). It supports distributed processing of large amounts of data and offers high reliability, high scalability, high fault tolerance and other characteristics. Apache Hadoop 2.2.0 to 2.7.3...

CVSS 9 | AI score 7.5 | EPSS 0.0262
Exploits 1 | References 1

OSV
added 2018/04/19 1:29 p.m. | 3 views

CVE-2018-1144

A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi...

CVSS 9.8 | AI score 5.9 | EPSS 0.06981
Exploits 1 | References 1

BDU FSTEC
added 2018/04/19 12:00 a.m. | 5 views

The vulnerability of the XPC interface implementation for accessing the CactusVPN VPN service allows a perpetrator to execute system commands with root privileges.

The vulnerability of the XPC interface implementation for accessing the CactusVPN VPN service is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute system commands with root privileges...

CVSS 10 | AI score 5.7 | EPSS 0.0186
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2018/02/07 3:00 p.m. | 14 views

CVE-2018-6822

In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root...

AI score 9.7 | EPSS 0.01511
Exploits 0 | References 1

BDU FSTEC
added 2018/01/24 12:00 a.m. | 4 views

The vulnerability of the system scripts of the automation software Application Policy Infrastructure Controller allows a perpetrator to execute arbitrary commands with root privileges.

The vulnerability of system scripts in the automation software Application Policy Infrastructure Controller, when installed during the download process, is related to the lack of measures to neutralize special elements used in commands. Exploiting this vulnerability allows an attacker to enhance...

CVSS 7.2 | AI score 5.8 | EPSS 0.00445
Exploits 0 | References 4 | Affected Software 1

BDU FSTEC
added 2018/01/24 12:00 a.m. | 4 views

The vulnerability of the command-line interface (CLI) of the NX-OS operating system of the Cisco Unified Computing System Central device’s centralized device management system allows an attacker to execute arbitrary commands.

The vulnerability of the command-line interface (CLI) of the NX-OS operating system in the Cisco Unified Computing System Central device management system exists due to insufficient verification of input data during the installation of updates. Exploiting this vulnerability allows an attacker to...

CVSS 7.2 | AI score 5.9 | EPSS 0.0068
Exploits 0 | References 3 | Affected Software 2

BDU FSTEC
added 2018/01/24 12:00 a.m. | 4 views

The vulnerability of the command-line interface (CLI) of the NX-OS operating system of the Cisco Unified Computing System Central device’s centralized device management system allows an attacker to execute any command they desire.

The vulnerability of the command-line interface (CLI) of the NX-OS operating system of the Cisco Unified Computing System Central device management system exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary commands with...

CVSS 7.2 | AI score 5.9 | EPSS 0.00603
Exploits 0 | References 3 | Affected Software 2

OSV
added 2017/11/28 7:29 a.m. | 4 views

CVE-2017-8020

An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server...

CVSS 9.8 | AI score 6.3 | EPSS 0.04211
Exploits 1 | References 2

VulnCheck KEV
added 2017/11/01 12:00 a.m. | 3 views

VulnCheck KEV: CVE-2024-12847

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been exploited in the wild...

CVSS 9.8 | AI score 7.6 | EPSS 0.28986
Exploits 1 | References 1

BDU FSTEC
added 2017/09/22 12:00 a.m. | 4 views

The vulnerability of the Screensavercc component in the eLux RP operating system allows a hacker to execute arbitrary commands with root privileges.

The vulnerability of the Screensavercc component in the eLux RP operating system is related to the lack of measures to protect input data. Exploiting this vulnerability allows a malicious actor to bypass configuration restrictions and execute arbitrary commands with root privileges by inserting...

CVSS 10 | AI score 8.1 | EPSS 0.02356
Exploits 0 | References 2 | Affected Software 1