443 matches found
CVE-2018-18014
Lack of authentication in Citrix Xen Mobile through 10.8 allows low-privileged local users to execute system commands as root by making requests to private services listening on ports 8000, 30000 and 30001. NOTE: the vendor disputes that this is a vulnerability, stating it is "already mitigated b...
CVE-2018-0430
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to insufficient validation of...
CVE-2018-11061
RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are vulnerable to a server-side template injection vulnerability due to insecure configuration of the template engine used in the product. A remote authenticated malicious RSA NetWitness Server...
Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution Vulnerability
Exploit for linux platform in category remote exploits Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Vendor KB: https://support.emc.com/kb/521234 Github:...
Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution
Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Exploit Title: Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution Date: 2018-06-21 Version: All versions before RP 5.1.2, and all versions before RP4VMs 5.1.1.3 Exploit Author: Paul Taylor Vendor Advisory: DSA-2018-095 Vendor KB...
Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution
Exploit Title: Dell EMC RecoverPoint &2 root@recoverpoint:/ id uid=0(root) gid=0(root) groups=0(root) root@recoverpoint:/...
Apache Hadoop elevation of privilege vulnerability (CNVD-2018-10426)
Apache Hadoop is an open source distributed systems infrastructure from the Apache Software Foundation (U.S.). It supports distributed processing of large amounts of data and offers high reliability, high scalability, high fault tolerance and other characteristics. Apache Hadoop 2.2.0 to 2.7.3...
CVE-2018-1144
A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi...
The vulnerability of the XPC interface implementation for accessing the CactusVPN VPN service allows a perpetrator to execute system commands with root privileges.
The vulnerability of the XPC interface implementation for accessing the CactusVPN VPN service is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute system commands with root privileges...
CVE-2018-6822
In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root...
The vulnerability of the command-line interface (CLI) of the NX-OS operating system of the Cisco Unified Computing System Central device’s centralized device management system allows an attacker to execute arbitrary commands.
The vulnerability of the command-line interface (CLI) of the NX-OS operating system in the Cisco Unified Computing System Central device management system exists due to insufficient verification of input data during the installation of updates. Exploiting this vulnerability allows an attacker to...
The vulnerability of the command-line interface (CLI) of the NX-OS operating system of the Cisco Unified Computing System Central device’s centralized device management system allows an attacker to execute any command they desire.
The vulnerability of the command-line interface (CLI) of the NX-OS operating system of the Cisco Unified Computing System Central device management system exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary commands with...
The vulnerability of the system scripts of the automation software Application Policy Infrastructure Controller allows a perpetrator to execute arbitrary commands with root privileges.
The vulnerability of system scripts in the automation software Application Policy Infrastructure Controller, when installed during the download process, is related to the lack of measures to neutralize special elements used in commands. Exploiting this vulnerability allows an attacker to enhance...
CVE-2017-8020
An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server...
VulnCheck KEV: CVE-2024-12847
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been exploited in the wild...
The vulnerability of the Screensavercc component in the eLux RP operating system allows a hacker to execute arbitrary commands with root privileges.
The vulnerability of the Screensavercc component in the eLux RP operating system is related to the lack of measures to protect input data. Exploiting this vulnerability allows a malicious actor to bypass configuration restrictions and execute arbitrary commands with root privileges by inserting...
The vulnerability of the bpserverd protocol used by Unitrends Backup software allows a perpetrator to bypass authentication procedures or execute arbitrary commands with root privileges.
The vulnerability of the bpserverd protocol used by Unitrends Backup software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process or execute arbitrary commands with root privileges, using the xinetd...
Trend Micro Deep Discovery Director Hard-Coded Archive File Password Vulnerability
Trend Micro Deep Discovery is a protection product from Trend Micro that detects and identifies hard-to-find threats in real time and proposes solutions. Director is one of its built-in solutions, with the ability to update and upgrade various programs in Deep Discovery. A security vulnerability...
Cisco IOS XR Local Elevation of Privilege Vulnerability
Cisco IOS is the internetwork operating system used on most Cisco Systems routers and network switches. An elevation of privilege vulnerability exists in Cisco IOS XR that allows a local user to execute arbitrary operating system commands as root by leveraging administrator privileges...
EMC VNX2 OE for File and VNX1 OE for File Local Elevation of Privilege Vulnerability
EMC VNX2 OE for File and VNX1 OE for File are file storage devices from EMC Corporation (USA). A security vulnerability exists in EMC VNX2 OE for File and VNX1 OE for File, which can be exploited by a local attacker to submit a special request to execute arbitrary commands with root privileges...