9 matches found
CVE-2025-65074
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...
EUVD-2025-203628
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...
CVE-2025-65074
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...
CVE-2025-65074
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...
CVE-2025-65074
WaveView client/vulnerable component is WaveStore Server interaction. CVE-2025-65074 describes path traversal in the showerr script that lets a high-privileged attacker execute arbitrary OS commands on the server. Affected: WaveView client with WaveStore Server via showerr; impact is remote comma...
CVE-2025-65074 OS Command Injection via Path Traversal in WaveStore Server
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...
CVE-2025-65074 OS Command Injection via Path Traversal in WaveStore Server
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...
WaveStore Server 操作系统命令注入漏洞
WaveStore Server is a video surveillance recording and storage server software from WaveStore UK. WaveStore Server suffers from an operating system command injection vulnerability that stems from path traversal in the showerr script, which could lead to the execution of arbitrary OS commands...
PT-2025-51558
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...