dhcp: Command injection vulnerability in the DHCP client NetworkManager integration script

A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Red Hat Enterprise Linux. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root...

CVE-2018-10577

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root, allowing these files...

The vulnerability of the Media Streaming add-on, which handles the transmission of multimedia files, arises from the failure to eliminate special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands.

The vulnerability of the Media Streaming add-on relates to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands with root privileges remotely...

CVE-2017-17320

Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root privilege to install ...

Code injection

The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one o...

CVE-2017-18225

The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one o...

Design/Logic Flaw

An issue was discovered in Icinga 2.x through 2.8.1. By editing the init.conf file, Icinga 2 can be run as root. Following this the program can be used to run arbitrary code as root. This was fixed by no longer using init.conf to determine account information for any root-executed code a larger...

Design/Logic Flaw

In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root...

EMC RecoverPoint and EMC RecoverPoint for Virtual Machines Command Injection Vulnerability

EMC RecoverPoint and EMC RecoverPoint for Virtual Machines VMs are both products of EMC Corporation. The former is a suite of disaster recovery and data protection software, and the latter is a disaster recovery solution for VMware environments. boxmgmt CLI is one of the command line programs. A...

The vulnerability of the firmware control interface of Teltonika RUT9XX allows a hacker to execute arbitrary commands with root privileges.

The vulnerability of the control interface of Teltonika RUT9XX embedded microprogramming software is related to deficiencies in access control during user authentication requests. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands with root...

TerraMaster TOS shell metacharacter injection vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A security vulnerability exists in the /usr/www/include/ajax/GetTest.php file in...

CVE-2017-9328

Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root...

CVE-2017-12787

A network interface of the noviprocessmanagerdaemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...

CVE-2017-12787

A network interface of the noviprocessmanagerdaemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...

NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection

NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection Exploit Title: NfSen/AlienVault remote root exploit command injection in customfmt parameter Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault USM/OSSIM 4.3.1...

samba: Loading shared modules from any path in the system leading to RCE (SambaCry)

A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root...

CVE-2017-6964

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...

Code injection

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971...

Command injection

IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root...

DEBIAN-CVE-2016-7787

A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user...