16 matches found
EUVD-2021-32162
Malicious code in bioql PyPI...
EUVD-2022-53465
Malicious code in bioql PyPI...
EUVD-2022-29431
Malicious code in bioql PyPI...
CVE-2022-24551
A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password including system/administrator user using any available user This affects StarWind SAN and NAS v0.2 build 1633...
CVE-2022-32268
StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-root user access can injec...
CVE-2022-32268
StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-root user access can injec...
CVE-2022-24551
A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password including system/administrator user using any available user This affects StarWind SAN and NAS v0.2 build 1633...
StarWind SAN & NAS 授权问题漏洞
StarWind SAN & NAS is a standalone hypervisor server or group of servers for StarWind.A security vulnerability exists in StarWind SAN & NAS that could be exploited by an attacker to reset the passwords of other users...
StarWind SAN & NAS 操作系统命令注入漏洞
StarWind SAN & NAS is a standalone hypervisor server or group of servers for StarWind.A command injection vulnerability exists in StarWind SAN & NAS, which can be exploited by attackers to remotely execute code...
CVE-2021-45389
A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864...
CVE-2021-45389
A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864...
Authentication flaw
A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864...
CVE-2021-45389
A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864...
CVE-2021-45389
CVE-2021-45389 concerns StarWind SAN & NAS build 1578 and StarWind Command Center build 6864. A flaw allows a self-signed JWT token to be injected into the Update Manager, bypassing authentication and enabling privilege escalation via network access. Root cause: JWT validation/token handling flaw...
PT-2022-12338 · Starwind · Starwind Command Center +1
Name of the Vulnerable Software and Affected Versions: StarWind SAN and NAS build 1578 StarWind Command Center build 6864 Description: A flaw was found with the JWT token, allowing a self-signed JWT token to be injected into the update manager and bypass the authentication process, thus escalatin...
多款StarWind产品授权问题漏洞
StarWind SAN & NAS and StarWind Command Center are both StarWind products.StarWind SAN & NAS are standalone hypervisor servers or groups of servers.StarWind Command Center is a single management platform to manage and monitor the Ui. designed to simplify and automate the control of routine Hci...