CVE-2025-34082

A command injection vulnerability exists in IGEL OS versions prior to 11.04.270 within the Secure Terminal and Secure Shadow services. The flaw arises due to improper input sanitization in the handling of specially crafted PROXYCMD commands on TCP ports 30022 and 5900. An unauthenticated attacker...

CVE-2025-34082 IGEL OS Secure Terminal and Secure Shadow Remote Code Execution

A command injection vulnerability exists in IGEL OS versions prior to 11.04.270 within the Secure Terminal and Secure Shadow services. The flaw arises due to improper input sanitization in the handling of specially crafted PROXYCMD commands on TCP ports 30022 and 5900. An unauthenticated attacker...

CVE-2025-34082

IGEL OS prior to 11.04.270 is affected by a command-injection in Secure Terminal and Secure Shadow caused by improper handling of PROXYCMD on TCP ports 30022 (Secure Terminal) and 5900 (Secure Shadow). An unauthenticated network attacker can inject commands leading to remote code execution with e...

CVE-2025-34082 IGEL OS Secure Terminal and Secure Shadow Remote Code Execution

A command injection vulnerability exists in IGEL OS versions prior to 11.04.270 within the Secure Terminal and Secure Shadow services. The flaw arises due to improper input sanitization in the handling of specially crafted PROXYCMD commands on TCP ports 30022 and 5900. An unauthenticated attacker...

IGEL OS 安全漏洞

IGEL OS is a terminal operating system from the German company IGEL. A security vulnerability exists in IGEL OS versions prior to 11.04.270 that stems from improper input cleanup of the Secure Terminal and Secure Shadow services, which could lead to remote code execution...

IGEL OS Secure VNC/Terminal Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IGEL OS Secure VNC/Terminal Command Injection RCE', 'Description' = %q This module exploits a command injection vulnerability in IGEL OS Secure...

IGEL OS Secure VNC/Terminal Command Injection RCE

This module exploits a command injection vulnerability in IGEL OS Secure Terminal and Secure Shadow services. Both Secure Terminal telnetsslconnector - 30022/tcp and Secure Shadow vncsslconnector - 5900/tcp services are vulnerable. Module Options msf use exploit/linux/misc/igelcommandinjection ms...

Denial of Service Vulnerability in Wizards Secure Endpoints

Wizards Terminal Security is a computer system security protection software developed by Wizards. Wizards Secure Terminal has a denial-of-service vulnerability that can be exploited by attackers to construct malformed data and cause a denial of service...

Bug in Anesthesia Respirators Allows Cyber-Tampering

A vulnerability in GE Healthcare’s Aestiva and Aespire anesthesia devices would allow an unauthenticated cybercriminal on the same network as the device to modify gas composition parameters within the devices’ respirator function, thus changing sensor readings for gas density. According to GE...

GE Aestiva and Aespire Anesthesia (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Aestiva and Aespire Anesthesia Vulnerability: Improper Authentication 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSMA-19-190-01 GE...