Fortinet FortiADC 操作系统命令注入漏洞

Fortinet FortiADC is an application delivery controller from Fortinet, Inc. Fortinet FortiADC suffers from a command injection vulnerability, which stems from an improper neutralization of special elements used in os commands, that can be exploited by an attacker to execute arbitrary shell code a...

Exploit for Download of Code Without Integrity Check in Fortinet Fortios

Exploit for CVE-2021-44168 Purpose Exploit CVE-2021-44168...

Exploit for Improper Privilege Management in Sudo_Project Sudo

CVE-2023-22809 sudo Privilege escalation Affected sudo ve...

Exploit for Improper Privilege Management in Sudo_Project Sudo

CVE-2023-22809 sudo Privilege escalation Affected sudo ve...

CVE-2022-47853

TOTOlink A7100RU V7.4cu.2313B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload...

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload...

CVE-2022-47853

TOTOlink A7100RU V7.4cu.2313B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload...

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router from China Gion Electronics TOTOLINK. The TOTOLINK A7100RU V7.4cu.2313B20191024 suffers from an operating system command injection vulnerability that allows an attacker to obtain a stable root shell via a specially crafted payload...

CVE-2022-38372

A hidden functionality vulnerability CWE-1242 in FortiTester CLI 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow a local, privileged user to obtain a root shell on the device via an undocumented command...

CVE-2022-38372

A hidden functionality vulnerability CWE-1242 in FortiTester CLI 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow a local, privileged user to obtain a root shell on the device via an undocumented command...

CVE-2022-38372

A hidden functionality vulnerability CWE-1242 in FortiTester CLI 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow a local, privileged user to obtain a root shell on the device via an undocumented command...

CVE-2022-38372

FortiTester CLI contains a hidden functionality vulnerability (CWE-1242) that can allow a local, privileged user to obtain a root shell via an undocumented command. Affected versions are FortiTester CLI 2.3.0–3.9.1, 4.0.0–4.2.0, and 7.0.0–7.1.0. Red Hat and other sources reference the same issue,...

FortiTester - Undocumented shell command

A hidden functionality vulnerability CWE-1242 in FortiTester CLI may allow a local, privileged user to obtain a root shell on the device via an undocumented command...

Zimbra sudo + postfix privilege escalation

This module exploits a vulnerable sudo configuration that permits the zimbra user to execute postfix as root. In turn, postfix can execute arbitrary shellscripts, which means it can execute a root shell. Module Options msf use exploit/linux/local/zimbrapostfixprivesc msf exploitzimbrapostfixprive...

Zimbra Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zimbra sudo + postfix privilege escalation', 'Description' = %q This module exploits a vulnerable sudo configuration that permits the zimbra user...

Zimbra Privilege Escalation Exploit

This Metasploit module exploits a vulnerable sudo configuration that permits the Zimbra user to execute postfix as root. In turn, postfix can execute arbitrary shellscripts, which means it can execute a root shell. This module requires Metasploit: https://metasploit.com/download Current source:...

Exploit for Improper Initialization in Linux Linux_Kernel

!Dirty Pipehttps://forum.hackersploit.org/uploads/default/ori...

CVE-2022-20944 Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution Vulnerability

A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to an improper check in the code function tha...

Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution Vulnerability

A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to an improper check in the code function tha...

CVE-2022-36323

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell...