120 matches found
CVE-2020-7357 Cayin CMS Command Injection
Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTPServerIP' HTTP POST parameter in system.cgi page. This issue affects several...
PT-2020-19571 · Cayin · Cayin Cms-40 +4
Name of the Vulnerable Software and Affected Versions: Cayin CMS versions 7.5 through 8.2 Cayin CME-SE version affected versions not specified Cayin CMS-60 version affected versions not specified Cayin CMS-40 version affected versions not specified Cayin CMS-20 version affected versions not...
PT-2020-14424 · Centos · Centos Web Panel
Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version cwp-e17.0.9.8.923 Description: This issue allows remote attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The flaw exists within the ajax migration...
Cayin Signage Media Player 3.0 Root Remote Command Injection
!/usr/bin/env python3 Cayin Signage Media Player 3.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd. Product web page: https://www.cayintech.com Affected version: SMP-8000QD v3.0 SMP-8000 v3.0 SMP-6000 v3.0 Build 19025 SMP-6000 v1.0 Build 14246 SMP-6000 v1.0 Build 14199 SMP-6000...
Cayin Content Management Server 11.0 - Remote Command Injection (root) Vulnerability
Exploit for multiple platform in category web applications Title: Cayin Content Management Server 11.0 - Remote Command Injection root Author:LiquidWorm Vendor: https://www.cayintech.com CVE: N/A Cayin Content Management Server 11.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd...
Cayin Signage Media Player 3.0 Root Remote Command Injection
Summary CAYIN Technology provides Digital Signage solutions, including media players, servers, and software designed for the DOOH Digital Out-of-home networks. We develop industrial-grade digital signage appliances and tailored services so you don't have to do the hard work. Description CAYIN...
Exploit for CVE-2020-11651
CVE-2020-11651 PoC for CVE-2020-11651 Requires Python3 tested...
CVE-2020-9463
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the serverip field in JSON data in an api/internal.php?object=centreonconfigurationremote request...
CVE-2019-5141
An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted iwserverip parameter can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. An attacker can...
The vulnerability of the microprogrammed wireless access point software for Moxa AWK-3121 lies in the fact that the execution of certain operations goes beyond the buffer in memory. This allows a malicious user to execute arbitrary commands with root privileges.
The vulnerability of the microprogrammed wireless access point software for Moxa AWK-3121 lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with root privileges, using a speciall...
CVE-2019-16754
RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation asymcute, potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response. To do so, the attacker needs to know the MQTT MsgID of a pending MQTT protocol message an...
Null pointer dereference
RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation asymcute, potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response. To do so, the attacker needs to know the MQTT MsgID of a pending MQTT protocol message an...
HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Product HC10 HC.Server Service 10.14 HC10 is a unified hosting...
The vulnerability of microprogrammed software in Modicon, ATV IMC, and PacDrive programmable logic controllers lies in the lack of authentication for a critical function, allowing an intruder to alter the device’s configuration.
The vulnerability of microprogrammed software in Modicon, ATV IMC, and PacDrive programmable logic controllers is related to the absence of authentication for the critical function. Exploiting this vulnerability allows a malicious actor to remotely alter the device’s configuration IP address,...
Moxa AWK-3121 Buffer Overflow Vulnerability
Moxa AWK-3121 is an industrial-grade wireless access point from Moxa Taiwan, China. A buffer overflow vulnerability exists in the 'iwserverip' parameter in the Moxa AWK-3121 version 1.14, which can be exploited by an attacker to cause, for example, a buffer overflow or heap overflow...
CVE-2018-10703
An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iwserverip" is susceptible ...
D-Link DWL-2600AP Upgrade Firmware Command Injection
Document Title: =============== D-Link DWL-2600AP - Authenticated OS Command Injection Upgrade Firmware Product & Service Introduction: =============================== The D-Link DWL-2600AP has a web interface for configuration. You can use any web browser you like to login to the D-Link...
Starbucks: China - ecjobsdc.starbucks.com.cn html/shtml file upload vulnerability
1, Summary During the test, I found ecjobsdc.starbucks.com.cn this site has an upload vulnerability, you can upload html and shtml format files, so you can read the server's intranet IP, the physical address of the website application and read the website web.config file. 2, Vulnerability scope...
How to migrate the XMS Database server from an existing DB to a cloned DB server
How to migrate the XMS Database server from an existing DB server to a cloned DB server ? Below are the steps which can be followed if we need to migrate XMS DB server to a cloned DB server which has a different IP address. 1. Login to XenMobile server. 2. Select Configuration and then select...
CVE-2018-5506
In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apacheauthtokenmod and modauthf5authtoken.cpp allow possible unauthenticated bruteforce on the emserverip authorization parameter to obtain which SSL client certificates used for mutual authentication between...