49 matches found
CVE-2025-50989
OPNsense before 25.1.8 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint interfacesbridgeedit.php. The span POST parameter is concatenated into a system-level command without proper sanitization or escaping, allowing an administrator to inject arbitra...
Linux Distros Unpatched Vulnerability : CVE-2017-9078
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -...
Huawei EulerOS: Security Advisory for screen (EulerOS-SA-2025-1985)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for CVE-2025-20029
CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP A...
CVE-2024-11482
A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user...
CVE-2024-5717
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
PT-2024-5969
Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to the fixed version Description A signal handler in sshd8 may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds 12...
CVE-2023-44426
D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...
TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution
!/usr/bin/env python -- coding: utf-8 -- TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution Vendor: AAF Digital HD Forum | Atelmo GmbH Product web page: http://www.aaf-digital.info | https://www.atemio.de Affected version: Firmware =2.01 Summary: The Atemio AM 520 HD Full HD...
CVE-2023-48257
The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution RCE with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by unauthenticate...
TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution
Summary The Atemio AM 520 HD Full HD satellite receiver enables the reception of digital satellite programs in overwhelming image quality in both SD and HD ranges. In addition to numerous connections, the small all-rounder offers a variety of plugins that can be easily installed thanks to the lar...
Netatalk: Multiple Vulnerabilities including root remote code execution
Background Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time servers for Apple computers. It includes several script utilities, including etc2ps.sh. Description Multiple vulnerabilities have been discovered in...
CVE-2023-36755
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...
PT-2023-21764 · Rocket · Universe +1
Name of the Vulnerable Software and Affected Versions: Rocket Software UniData versions prior to 8.2.4 build 3003 Rocket Software UniVerse versions prior to 11.3.5 build 1001 Rocket Software UniVerse versions prior to 12.2.1 build 2002 Description: The issue is a heap-based buffer overflow in the...
CVE-2022-40918
Buffer overflow in firmware leweicam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links http://thiscomputer.com/...
The vulnerability of the fgfmsd software from Fortinet’s FortiManager device management system and FortiAnalyzer network monitoring system allows a malicious individual to execute arbitrary code with root privileges.
The vulnerability of the fgfmsd software in the Fortinet FortiManager device management system and the FortiAnalyzer network monitoring system is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with root privileges b...
Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection
Summary CTM-200 is the industrial cellular wireless gateway for fixed and mobile applications. The CTM-200 is a Linux based platform powered by ARM Cortex-A8 800 MHz superscalar processor. Its on-board standard features make the CTM-200 ideal for mobile fleet applications or fixed site office and...
MyBook Users Urged to Unplug Devices from Internet
Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affect...
PT-2021-19242 · Unknown · Centos Web Panel
Name of the Vulnerable Software and Affected Versions: CentOS Web Panel affected versions not specified Description: The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection issue, which can lead to root Remote Code Execution. Recommendations: At the moment, there ...
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...