EUVD-2022-53465

Malicious code in bioql PyPI...

CVE-2022-32268

StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-root user access can injec...

StarWind SAN & NAS has unspecified vulnerabilities

StarWind SAN & NAS is a standalone hypervisor server or group of servers for StarWind.A security vulnerability exists in StarWind SAN & NAS that could be exploited by an attacker to reset the passwords of other users...

StarWind SAN

StarWind SAN & NAS is a standalone hypervisor server or group of servers for StarWind.A command injection vulnerability exists in StarWind SAN & NAS, which can be exploited by attackers to remotely execute code...

CVE-2022-24552

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with roo...

CVE-2022-24552

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with roo...

StarWind SAN & NAS 操作系统命令注入漏洞

StarWind SAN & NAS is a standalone hypervisor server or group of servers for StarWind.A command injection vulnerability exists in StarWind SAN & NAS, which can be exploited by attackers to remotely execute code...

StarWind SAN & NAS 授权问题漏洞

StarWind SAN & NAS is a standalone hypervisor server or group of servers for StarWind.A security vulnerability exists in StarWind SAN & NAS that could be exploited by an attacker to reset the passwords of other users...

CVE-2021-45389

A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864...

PT-2022-12338 · Starwind · Starwind Command Center +1

Name of the Vulnerable Software and Affected Versions: StarWind SAN and NAS build 1578 StarWind Command Center build 6864 Description: A flaw was found with the JWT token, allowing a self-signed JWT token to be injected into the update manager and bypass the authentication process, thus escalatin...

多款StarWind产品授权问题漏洞

StarWind SAN & NAS and StarWind Command Center are both StarWind products.StarWind SAN & NAS are standalone hypervisor servers or groups of servers.StarWind Command Center is a single management platform to manage and monitor the Ui. designed to simplify and automate the control of routine Hci...