9 matches found
CVE-2025-71284
Synway SMG Gateway Management Software is affected by an OS command injection in the RADIUS configuration endpoint /en/9-2radius.php. The radius_address POST parameter (and related fields) is split and interpolated directly into a sed command without sanitization, enabling an unauthenticated remo...
CVE-2026-5958
When sed is invoked with both -i in-place edit and --follow-symlinks, the function opennextfile performs two separate, non-atomic filesystem operations on the same path: 1. resolves symlink to its target and stores the resolved path for determining when output is written, 2. opens the original...
GHSA-7MV8-J34Q-VP7Q @anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes
Due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the...
@anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes
Due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the...
EUVD-2012-4065
Malware in sbrugna...
Samsung Smart Home Camera SNH-P-6410 - Command Injection
Exploit for hardware platform in category remote exploits E-DB Note: source https://www.pentestpartners.com/blog/samsungs-smart-camera-a-tale-of-iot-network-security/ import urllib, urllib2, crypt, time New password for web interface webpassword = 'admin' New password for root rootpassword = 'roo...
Cisco Nexus 7000 Denial of Service Vulnerability (Cisco-SA-20140506-CVE-2014-0684)
A vulnerability in Cisco Nexus 7000 Series Switches could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...
Cisco Nexus 7000 Denial of Service Vulnerability (Cisco-SA-20140506-CVE-2014-0684)
A vulnerability in Cisco Nexus 7000 Series Switches could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...
Command injection
Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed 1 r and 2 w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574...